Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Monday January 09 2017, @04:11PM   Printer-friendly
from the theoretical-harm dept.

A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.

On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company's internet routers and web cameras can easily be hacked, putting consumers at risk.

But the FTC's complaint doesn't cite evidence that the products have been breached, only the potential for harm to consumers.

That's among the reasons D-Link is contesting the complaint. "Notably, the complaint does not allege any breach of a D-Link Systems device," it said in a statement.

"Instead, the FTC speculates that consumers were placed 'at risk' to be hacked, but fails to allege, as it must, that actual consumers suffered," the company said.

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by DannyB on Monday January 09 2017, @06:50PM

    by DannyB (5839) Subscriber Badge on Monday January 09 2017, @06:50PM (#451562) Journal

    The companies involved should create their own independent organization to [certify and test similar to Underwriters Laboratories]

    Let's get corporations to police themselves. Foxes should be put in charge of hen houses.

    I think the policing must be done by the government. There must be a penalty for selling an easily hackable device. I think the FTC is doing the right thing here. Now if the companies want to work together to form a testing laboratory that rates and/or certifies IoT devices, I don't see a problem. However that certification doesn't get them off the hook for liability of damages by their devices getting hacked and causing massive damage. That certification merely serves as a consumer guide on which toasters you want to avoid because they might burn your house down. Even better is if IoT companies work together to pool effort in making things more secure. Some IoT base distributions designed for different levels of IoT devices. Some IoT Best Practices, etc.

    Also imagine this: companies offer rewards for being the first to privately disclose to them a vulnerability in their IoT product. They would have an incentive to offer such bounties on bugs if they had financial liability for damages by their IoT devices getting hacked and participating in a cyber pearl harbor attack.

    --
    People today are educated enough to repeat what they are taught but not to question what they are taught.
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3