Dude, I could build said device. There are plenty of modular and cheap ways to do it. Arduino comes to mind.
Moreover, how many people are walking around with these devices anyway? You might set a device up in central station in New York and only have a single person walk through the building in a day with one - or even one per week for all you know. It would only be a decent random attack if you were, say, hanging around a diabetic clinic or something similar. Otherwise, you would be wasting time.
So? Twist things as much as you like, add technical statistics as much as you like, it doesn't change anything. Would you feel comfortable if you were wearing a device that could kill you if some determined "enemy" wanted without trace? It doesn't help the ones that use it and are targeted by somebody. Even if the 'casual' attacker scenario is unlikely, a targeted attack is very, very easy.
I saw you going out of your way to protect the company. Are you in their payroll or something?
This reminds of earlier news that law enforcement went after Signal with overly broad subpoenas and Signal could provide exactly nothing because their stuff are end-to-end encrypted and they keep minimal info. Sure law enforcement can request targeted monitoring of available information such as size of the traffic and metadata but they will be forced to do their investigative jobs. Other companies should take note.
According to a quick Google conversion this means 7,62 meters or roughly medium sedans. A targeted attack would be incredibly easy at such distance not to mention some ill intentioned person could simply set up a device to constantly issue 'kill' orders for some of those medical devices and just walk around. Because humans don't need reasons to be evil.
Low risk? How low was the risk of a terabit DDoS attack when this IoT thing started?
I don't agree with that, because the companies don't have a history of outright lying on things like this, but the way the NSA and other parts of the US government have repeatedly tried to pressure them and gag them, it's much tougher to take anything at face value any more. And that's not good for anyone.
I said it yesterday and people much smarter than me have been pointing this since Snowden. The best comment yesterday was something like: assume everything is compromised and act accordingly. And I'm already doing it by encrypting whatever I find sensitive but can't remain in an offline storage for some reason.
Ironically this may push towards these services using open source, end-to-end encryption to have a good marketing point. So we may actually emerge in a better state after all this surveillance is scaled back (hoping it will).
Good point. Reading the update documentation is a good start though Microsoft is being criticized by the lack of helpful information about their updates recently. So the waiting window would be variable.
As if Yahoo needed any more nail in its coffin. And it will spill in other companies as the article notes. The US Govt via their intel are dismantling any and all trust people had on their companies. One has to wonder how much it has already cost. In the end, no terrorist has ever done as much damage as the Govt itself did to the country be it by eroding Constitutional rights or directly by driving people away from doing business with the US.
including HP patting itself on the back for being ultra-transparent and proactive after its customers began brandishing pitchforks
Still, the damage has been done. No more firmware updates before it's well tested for me. If HP did it, what prevents others from doing the same? Microsoft has paved the road too. I was reluctant to fully ditch Windows because of the hassle. Their abuse of the update system in the W10 upgrade fiasco has provided me with enough incentive.
And encryption prevented the abuse of the overly broad subpoena. Note this is the US, supposedly the land of the free (at least nominally). Remember this could happen elsewhere where at least nominally there's no free in the land.
Finally! We can eat tacos on tuesdays! Horraaaaay!
The amusing bit here is that people will keep living their lives and happily ignoring copyright once it steps over rights it should not. But at least we got one more thing we can rightfully use for free.
More bullshit, courtesy of whatever and his friend trolls!
It's like copyright abuses, right? All exceptions! Exceptions that happen everyday, almost every time the MAFIAA sends some dmca notice. But alas, exceptions!
Bad apples may be a defense when it's about very isolated incidents and the 'bad apples' are tossed out. It's clearly not the case. But hey, let's twist and distort the things to defend the establishment, no?