Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday March 29 2018, @04:44PM   Printer-friendly
from the Protecting-the-product-or-the-public? dept.

The U.S. Consumer Product Safety Commission is conducting a public hearing on the safety of internet-connected consumer products, and is requesting comments.

The Commission hearing will begin at 10 a.m., on May 16, 2018, and will conclude the same day. The Commission hearing will also be available through a webcast, but viewers will not be able to interact with the panels and presenters through the webcast.
...
The growth of IoT-related products is a challenge for all CPSC stakeholders to address. Regulators, standards organizations, and business and consumer advocates must work collaboratively to develop a framework for best practices. To that end, the Commission will hold a public hearing for all interested parties on consumer product safety issues related to IoT.

Although this explicitly does not cover data security and privacy it covers many of the other issues seen with IoT devices.

Comments can be submitted to the commission through the web portal:

You may submit written comments, identified by Docket No. CPSC-2018-0007
...
Electronic Submissions: Submit electronic comments to the Federal eRulemaking Portal at: www.regulations.gov. Follow the instructions for submitting comments.

Seen through the Internet Of Shit twitter feed.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by JoeMerchant on Thursday March 29 2018, @09:15PM (3 children)

    by JoeMerchant (3937) on Thursday March 29 2018, @09:15PM (#660200)

    public key cryptography never took off

    Because the people promoting it expected normal people to make their own keys.

    The government _could_ make a key pair, record the public side, "forget" the private side, and give it out in a widget when they issue an ID card.

    Do you trust your government to properly "forget" the private side?

    Maybe I do, maybe I don't, but I damn sure trust that handing people a functioning authentication card with secret key embedded would work a whole lot better than the DIY method we've had since the 1990s.

    --
    🌻🌻 [google.com]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Thursday March 29 2018, @10:17PM

    by Anonymous Coward on Thursday March 29 2018, @10:17PM (#660220)

    No one argued that we should use the DIY methods we've had since the 1990s.

    Try again?

  • (Score: 2) by Runaway1956 on Friday March 30 2018, @01:44AM (1 child)

    by Runaway1956 (2926) Subscriber Badge on Friday March 30 2018, @01:44AM (#660261) Journal

    That's hilarious. Government refuses to forget ANYTHING. I'm pretty damned sure that government knows that I don't like Lima beans, or green jello, but I love Boston baked beans, and red jello.

    No, government is most certainly not going to forget your private keys, if they issue them.

    • (Score: 3, Interesting) by JoeMerchant on Friday March 30 2018, @03:42AM

      by JoeMerchant (3937) on Friday March 30 2018, @03:42AM (#660277)

      No, government is most certainly not going to forget your private keys, if they issue them.

      Depends on your government...

      U.S.A.? I'd say the only chance of them actually forgetting the keys would be 5% and that would be due to mishandling of data they intended to remember somehow (whether publicly acknowledged that they kept the keys, or not).

      Finland? I'd give closer to a 90% chance that they would actually destroy their copy.

      And... in the end, does it really matter if the secret key is shared between you and an inept government agency? I'd say it's a hell of a lot better than the current system with social security numbers that are supposed to be confidential but actually are tracked by every entity with the slightest excuse to run a background or credit check.

      Now, we can easily imagine system whereby citizens who care can register a new public key, using the government issued secret key to sign it and "officially" authenticate their new secret key that they have controlled since its creation. But, in the world I've been living in, less than 1% of the population would go through the time and effort to take a step like that.

      --
      🌻🌻 [google.com]