"intentional backdoor", read that again.
-
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
@koen_hufkens By "will remove" they mean "will restrict it to only be accessible with their private key, not a default password". Not actually remove.
-
"Completely removing remote diagnostic capability would reduce our ability to help customers resolve safety, connectivity, and service issues quickly, especially in cases where physical inspection is not practical,"
In short, your privacy and security is secondary to their profit margins as they don't want to send out a field tech, have reseller support or allow third party repairs.
@koen_hufkens “…where’s physical inspection is not practical.”
It’s a lawnmower fcol.
-
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
@koen_hufkens thanks I will stick to my old rotary non gas non electric push mower. Works well, never breaks down, and the only sound it makes is a very zen shhwsh shhwsh shhwsh.
Besides, huge lawns are a waste of everything. -
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
The US government refused to use Drones made in #China for this exact reason.
So when the Trump boys figured that out, they somehow secured a no bid contract to build drones for the US government. -
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
@koen_hufkens Now that we have a promise from a
company, which is legally obligated to backdoor its robot lawnmowers, that they are going to make the backdoor disappear... (we don't really think it's going away, right?)Let's talk about cars.
... all of them. -
R relay@relay.infosec.exchange shared this topicR relay@relay.mycrowd.ca shared this topic
-
@koen_hufkens Now that we have a promise from a
company, which is legally obligated to backdoor its robot lawnmowers, that they are going to make the backdoor disappear... (we don't really think it's going away, right?)Let's talk about cars.
... all of them.@TallSimon They are (connected) computers on wheels. So you have to pick your brand very carefully.
-
@koen_hufkens “…where’s physical inspection is not practical.”
It’s a lawnmower fcol.
@TomDB I get it, having to service stuff costs money. Even for a lawnmower. But if they were honest they could partner with garden centers to provide such a service. But no, they have to spy on you.
-
@TallSimon They are (connected) computers on wheels. So you have to pick your brand very carefully.
@koen_hufkens Slate, maybe.
It's not so much the brand, as the year. We'll see how long I can keep my 2009 and 2010 cars running. Both are dumb as stumps, and only transmit data on Bluetooth or tire pressure monitors, which is manageable.
-
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
Buterlian Jihad every day and always
-
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
@koen_hufkens i feel like a vegan reading ingredients whenever i buy any silly stupid little gadget lately.....
does it need a proprietary app to work?
will it work without the app? why does it need wifi, and will it work without it?
does the app need a login....? and will it try to sell me a monthly subscription??
can i run my own code on it? #foss ??
.....why the fuck does a toaster need a screen, unless it is showing me video of my toast, and why the fuck would i need to see that? -
@TomDB I get it, having to service stuff costs money. Even for a lawnmower. But if they were honest they could partner with garden centers to provide such a service. But no, they have to spy on you.
@koen_hufkens @TomDB You are expecting them to bet on a garden center having qualified technical people who can repair a robot with an embedded operating system.
Not exactly what they're known for.
I mean...I'm so sick of IT that I'm doing yard work now. I even applied for a counter position at a small engine repair shop. But these guys can't bet on finding someone like me at EVERY garden center.
-
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
@koen_hufkens "Backdoor Surprise" has a totally different meaning from the one I heard growing up.
-
@koen_hufkens Slate, maybe.
It's not so much the brand, as the year. We'll see how long I can keep my 2009 and 2010 cars running. Both are dumb as stumps, and only transmit data on Bluetooth or tire pressure monitors, which is manageable.
@TallSimon @koen_hufkens My 06 ranger blew something. Now it goes bang bang bang and blows blue smoke out it's ass.
So now I have a 96 Civic. It has a cassette tape player. The radio has rotary pots and mechanical memory buttons. It doesn't even have power windows.
Both have computers but they're dumb and unconnected.
I'll get that ranger going again.
-
@adavid @koen_hufkens Didn't that ship stay up and running for many millions of years with only a robot and a cat to keep it company?
-
@koen_hufkens By "will remove" they mean "will restrict it to only be accessible with their private key, not a default password". Not actually remove.
@dalias @koen_hufkens When I was working BCI someone decided that the log files the driver for the head unit create needed to be encrypted for privacy reasons.
I was worried that a log file could be analyzed to get the key if we just naively approached this. I didn't think regular encryption methods would work and we needed to look stuff up.
What did they decide to go with? XOR each line against a hard coded word. Then of course document that in detail for regulatory purposes.
-
@dalias @koen_hufkens When I was working BCI someone decided that the log files the driver for the head unit create needed to be encrypted for privacy reasons.
I was worried that a log file could be analyzed to get the key if we just naively approached this. I didn't think regular encryption methods would work and we needed to look stuff up.
What did they decide to go with? XOR each line against a hard coded word. Then of course document that in detail for regulatory purposes.
@dalias @koen_hufkens FWIW, my actual recommendation is that we make sure not to put any patient information in the log file. Bing bang boom...done.
Failing that though, and just having to have this feature, I wanted to make sure we applied at least SOME engineering to it.
Oh well.
-
@koen_hufkens i feel like a vegan reading ingredients whenever i buy any silly stupid little gadget lately.....
does it need a proprietary app to work?
will it work without the app? why does it need wifi, and will it work without it?
does the app need a login....? and will it try to sell me a monthly subscription??
can i run my own code on it? #foss ??
.....why the fuck does a toaster need a screen, unless it is showing me video of my toast, and why the fuck would i need to see that?I honestly wonder what the breakdown is of people who will refuse any kind of smart appliance, those who don't really want it but shrug because of lack of options, and those who fully embrace having their fridge sing songs to them.
-
RE: https://flipboard.com/@theverge/the-verge-5hobbaa8z/-/a-RKgzzvvtTnadjMq82fXG_A%3Aa%3A43611565-%2F0
"intentional backdoor", read that again.
Don't buy "smart" appliances if you can, isolate if you must, shoot when it makes an unexpected noise.
@koen_hufkens @lisamelton I mean, it’s not like it’s got blades attached and can move autonomously - oh, wait.
