In message <20161108035148.2904B5970CF1@rock.dv.isc.org>, Mark Andrews <marka@isc.org> wrote:
* Deploying regulation in one country means that it is less likely to be a source of bad traffic. Manufactures are lazy. With sensible regulation in single country everyone else benefits as manufactures will use a single code base when they can.
I said that too, although not as concisely.
* Automated updates do reduce the numbers of vulnerable machines to known issues. There are risks but they are nowhere as bad as not doing automated updating.
From a software perspective, building extra layers of constraints is not
I still maintain, based upon the abundant evidence, that generallized hopes that timely and effective updates for all manner of devices will be available throughout the practical lifetime of any such IoT thingies is a mirage. We will just never be there, in practice. And thus, manufacturers should be encouraged, by force of law if necessary, to design software with a belt-and-suspenders margin of safety built in from the first day of shipping. You don't send out a spacecraft, or a medical radiation machine, without such addtional constraints built in from day one. You don't send out such things and say "Oh, we can always send out of firmware update later on if there is an issue." that hard to do, and people have been doing this kind of thing already for decades. It's called engineering. The problem isn't in anybody's ability or inability to do safety engineering in the firmware of IoT things. The only problem is providing the proper motivation to cause it to happen. Regards, rfg