Canonical, maker of Ubuntu Linux and its Internet of Things variant, has discovered the obvious – that people cannot be trusted to secure their connected devices.
Thibaut Rouffineau, evangelist for Ubuntu Core and the Internet of Things, admitted late last week that developers and IoT device makers know people seldom update the firmware of connected devices. But, he argues, they probably don't realize how bad the security situation has become.
The distro maker says it surveyed 2,000 folks about how they dealt with connected devices. It found that less than a third of respondents (31 per cent) installed updates as soon as they were available. Some 40 per cent never knowingly updated their devices.
"In other words, consumers are leaving their devices open to exploits and hacks, from DDoS attacks to invasions of personal privacy or theft of personal data," said Rouffineau.
Why such disinterest? According to Rouffineau, almost two thirds of respondents felt that keeping software updated – their security – was not their responsibility.
(Score: 0) by Anonymous Coward on Thursday December 22 2016, @11:44PM
Why should the user need to track updates, download an apply the firmware ?
IoT objects are connected to the internet, and so they should automatically query updates from the vendor and apply them immediately.
Maybe also provide a manual update path for people who want to be "in control" of their objects, or when vendor ends support after a few years.
The Botnet of cheap chinese IP-cameras that made a Ddos a few weeks ago did not even the *capability* to be upgraded, and had to be physically recalled. At the current point of technology and internet connectivy, upgrades should be mandatory.