Re: Allow maintenance

Date: 2016-10-28 04:19 pm (UTC)
From: (Anonymous)
The people who could control updates - the users and the manufacturers - are not the people suffering from DDoS attacks. Even if someone else can do the work, one of those groups has to approve the update, and they've got no incentive to do so. Unless you create a new government agency that has the keys to update any IOT device. Luckily that's unlikely to happen, because government control of cameras inside your house does not sound like a great idea.

Also, it would still require a massive effort, because to be effective, you have to find and patch the security holes *before* malicious actors exploit them; as Matthew mentioned, competent attackers will disable update mechanisms if at all possible.
Identity URL: 
Account name:
If you don't have an account you can create one now.
HTML doesn't work in the subject.


If you are unable to use this captcha for any reason, please contact us by email at

Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.


Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Expand Cut Tags

No cut tags