Viewing a single comment thread. View all comments

majorgeneralpanic t1_j24enzd wrote

I’m powerfully uncomfortable with the Internet of things for this reason. When the big boys like Samsung TVs and Google Homes are so vulnerable, why would I be able to trust a small startup? They probably have to use off the shelf parts like OpenSSH that open the door for HeartBleed etc, and they can’t afford the security staff that Google can.

45

HardwareRaidIsDead t1_j24zabv wrote

OpenSSH is fine long as it is patched, and is a common used software, a lot of IOT's are build so cheap they only can get updates for a few years before they break. also them being a black box does not help.

14

ManyInterests t1_j270hu6 wrote

You want them to use off-the-shelf solutions. Never roll your own security.

4

Dont____Panic t1_j279wqg wrote

I run a cybersecurity company that helps companies with exactly this type of thing.

So many companies we talk to simply say “yeah that’s not in the budget unless a customer/government tells us it’s mandatory.

About 10-20% do it anyway.

Hard to tell which is which as a customer.

1