| Rich Freeman via plug on 28 Nov 2020 14:35:16 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] IoT Unravelled: parts 1 to 5 |
On Sat, Nov 28, 2020 at 3:45 PM Chad Waters via plug <plug@lists.phillylinux.org> wrote: > > Related: This bill recently passed the house and senate and is awaiting a presidential signature. Compells NIST to formulate security standards for IoT devices. > > https://www.govtrack.us/congress/bills/116/hr1668 > Didn't read the gory details, but how likely do you think that NIST comes up with standards like this: * Encouraging open-source * Mandatory security updates for 10 years * Safeguards to only allow user-authorized firmware changes vs: * Can only run vendor-signed firmware * Remote access by NSA in case they need to rapidly deploy a security hotfix * Blocks access to hacking tools like ssh, linux, etc. I'd love to see security for IoT stuff, but it just seems like this is the sort of thing the government often gets wrong. -- Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug