Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well, how the vendor was going to apply other security updates if they cannot update their basic security trust store?

If the vendor is really unable to update, then it's at best negligence when designing the product, and at worst -- planned obsolescence.



1. Ship the product with automatic updates delivered over https

2. Product is a smart fridge or whatever, reasonable users might keep it offline for 5+ years.

3. New homeowner connects it to the internet.

4. Security update fails because the security update server's SSL cert isn't signed by a trusted root.


The real solution is making your shit modifiable by the client.

We do car recalls all the time. Just send out an email or something with instructions of what to put on a USB, it's basically the same thing.

Yes it's inconvenient for consumers and annoying but the alternative is worse. Essentially hard coding certificates was always a bad idea.


Yeah, participation in web tls requires the ability to regularly update your server and client code.

Nothing stays the same forever, software is never done. It’s absurd pretend otherwise.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: