Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Thursday December 22 2016, @09:20AM   Printer-friendly
from the Mirai-IoT-Botnet dept.

Canonical, maker of Ubuntu Linux and its Internet of Things variant, has discovered the obvious – that people cannot be trusted to secure their connected devices.

Thibaut Rouffineau, evangelist for Ubuntu Core and the Internet of Things, admitted late last week that developers and IoT device makers know people seldom update the firmware of connected devices. But, he argues, they probably don't realize how bad the security situation has become.

The distro maker says it surveyed 2,000 folks about how they dealt with connected devices. It found that less than a third of respondents (31 per cent) installed updates as soon as they were available. Some 40 per cent never knowingly updated their devices.

"In other words, consumers are leaving their devices open to exploits and hacks, from DDoS attacks to invasions of personal privacy or theft of personal data," said Rouffineau.

Why such disinterest? According to Rouffineau, almost two thirds of respondents felt that keeping software updated – their security – was not their responsibility.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by tibman on Thursday December 22 2016, @08:58PM

    by tibman (134) Subscriber Badge on Thursday December 22 2016, @08:58PM (#444837)

    The problem is when you have a box that has been offline or unable to get updates and it tries to go from very old to current. Rolling releases are stable when upgraded on schedule. But when you leap updates you can get unpredictable behavior. Gentoo, i'm looking at you. An IoT device probably shouldn't be running individual updates at all. The entire rom should be updated in one shot. That way if a device has been rooted (by an external hostile party) it gets fixed. Just upgrading the vulnerable package wouldn't perform any device cleanup.

    --
    SN won't survive on lurkers alone. Write comments.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2