"copyright law is predicated on the theory that creators are incentivized to create new works by the prospect of reaping the economic fruits of their creative labor, which in turn benefits the public by increasing the number of creative works available for their enjoyment"
The objective is not so that the works are "available for our enjoyment", but rather that such works will eventually be fully ours, aka, Public Domain.
They act like the mid-state is the end game. It is not.
Just like the dunking machine at my high school fundraiser.
Sooner or later, the Principal gets soaked. It just takes one hit.
That's what's so evil about Thiel's crusade. If resources are unlimited, and no quarter is offered, then eventually, Gawker will lose, guilty or not.
Similarly, if a billionaire offered everyone in the country to support their lawsuit against you, for any claim...sooner or later you would lose one. And you'd be bankrupted by legal claims soon enough anyways.
True, Techdirt has called out most dumb security lapses. But I don't think the entire sector was considered stupid because of the lapses.
Take HTTPS web servers. Mike harped on that for years waiting for websites to figure out they should secure the connection. But at no point did anyone suggest the web was stupid, useless, or silly as a result.
Re: Once again: 'Everyone else is doing it' is not a valid excuse
There is a big difference between:
saying "Your article's should cover things I care about: starvation, jaywalking, etc"
and saying "You are consistently writing about one particular topic in a way that suggests a chip on your shoulder more than a fair evaluation."
"Exactly what is your objection to articles like this pointing out lousy security practices" My objection is not calling out the security. It is the content (article and comments) that are summarized as: "The IoT is dumb because it currently is insecure."
Read the article. That insinuation is in there. For example, 16 locks were tested. An abysmal 12 were hackable. OK, so was the conclusion that the other 4 are better products, and we should look to them? No, there is no reward for being one of the better-made locks. Instead, the entire sector is painted with one brush: "the dysfunction onion".
What is the objective? To push for better security, or to kill IoT with FUD? I think it's the former, and I think even Karl might agree -- but the article does the latter.
I know that there are bluetooth adapters that can extend the life of your $300 Bose headphones, but that's inconvenient for many users.
There are also a host of non-headphone devices that will be made obsolete. Many companies took advantage of the headphone jack as a de facto I/O port. Their solutions will need to be upgraded, and will be more expensive now, and will require bluetooth, and worse: batteries and charging.
- Square or Paypal credit card readers - Microphones - Synchronized flash systems - Selfie Stick remote shutter buttons - Add-a-custom-buttons like Pressly
The floppy had universally better options, and was bad at its only purpose. Not so for the headphone port. I have a number of bluetooth headsets that are my primary way of connecting to the phone for media, but I STILL have plug-in headphones for hands-free voice calls. I use them for the pure simplicity and reliability of it.
"Not a week now goes by without the Internet of Things revealing a new layer in the dysfunction onion."
And not a week goes by without every other thing also being hacked through some security lapse. PCs, Browsers, phones, banks, stores, credit cards, DNC, and on and on. They all get hacked.
IoT, like any other connected devices, is attacked, often with success. Like the others, they should be more secure. But I still don't understand why Karl is so singularly pissed off at IoT, out of proportion with all else.
Here's news today on Volkswagen's keyless system that can be hacked. Is IoT really so specially bad?
The point is that startups and inventors start with a vision, and then work through each problem and barrier as it presents itself. They have dozens of such problems, thus are rather focused on what is stopping them from the goal. They are not focused on the problems that WILL present themselves AFTER they reach the goal of building the working invention.
Once again. Not the right decision, but very common, and not limited to IoT.
Once security is a problem with IoT (around the current time frame), then security will be the problem that people work to solve. Then it will be adequately addressed (because security cannot be fully solved).
Re: "They're doing it too" is not an acceptable defense
Well, that's exactly what I meant when I said "It's not right."
But what I'm calling out is the inordinate, out of proportion distaste Karl has for IoT. Has he been similarly sour about every other innovation that had security as an afterthought? Because most of them did.
MOST startups here in Silicon Valley struggle to build an MVP (a Minimum Viable Product), and then to shove that product out to market as fast as possible. There are massive pressures from first-to-market, to cash flow, to investor pressure. Most of these startups tend to look at security as a distraction from their race to grab market share fast. They figure they'll worry about security when security becomes a problem. If anyone here would like to debate this assertion, I'd be interested. But I think most would agree.
I have absolutely never asserted that this is right. Simply that this is true.
So to act like IoT is unique is misleading.
To act like IoT is a stupid idea because lots of it is insecure is short-sighted and untrue.
Fair enough, John. Your argument is cautious and sensible.
FYI, though it's not fully true. I use a number of IoT devices which are not cloud services, but rather things that I manage and access myself. It's technically much harder to do, so not mass market, but it's also available.
And of course, it's still vulnerable, as any connected device is.
I agree that security is not being implemented enough in IOT, but Karl, you seem to have a chip on your shoulder against IoT for some other reason, and are using the security weakness as a hammer.
"companies get so excited about the IoT marketing and revenue possibilities, they fail to embed even basic security in supposedly intelligent devices:"
That may be true of some, or even most IoT. But it does not justify painting the entire category as stupid.
Just about every innovative technology starts with security as an afterthought. It's not "right". But it is standard practice. Why would the first innovators worry about security when they have hundreds of other issues to work through, AND when 'obscurity' is pretty good security given the devices are a new category. As I said, it's not right, but it's normal.
Orville and Wilbur Wright did not worry about hijacking defenses. Should they have?
Carmakers computerized the CANBUS network and the OBDII in cars long ago. Should they have made it hack-proof?
The first smartphones (PalmOS, Windows Mobile) had few deliberate defenses against virus and attacks. But almost no attacks occurred.
Once again, I agree with you that this is not the best. It's better if security is built in from the start. But it almost never is. So why all the specific hate for IoT?