"Secure" is harder to do than you might think if you don't control any side of the equation - you can't guarantee the hardware because that shit is going to get cloned and hacked up as soon as you release it, and people are going to buy the device that supports more things (even if it does this by silently ignoring the invalid crypto bits on some things), and we're back to square one.
A closed system runs into problems with lock-out, forcing people to upgrade their old devices without a legal stick isn't going to work (and people are not going to VLAN off their crappy cameras if they haven't already), and all of our solutions for distributed webs of trust are vulnerable to majority takeover (say, if you compromise the largest vendor in the space).
It's not hopeless, it's just all imperfect solutions.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: maybe we should build better platform ?
Date: 2016-10-23 12:12 am (UTC)A closed system runs into problems with lock-out, forcing people to upgrade their old devices without a legal stick isn't going to work (and people are not going to VLAN off their crappy cameras if they haven't already), and all of our solutions for distributed webs of trust are vulnerable to majority takeover (say, if you compromise the largest vendor in the space).
It's not hopeless, it's just all imperfect solutions.