On Tue, 27 Sep 2016, Brielle Bruns wrote:
I don't see how this is a problem exactly? If people want to buy devices that connect to their home network, they need to be aware of what these devices can do, and it is their responsibility.
I understand that is what you want. What you might like. What we all would like. People taking responsibility for their impact on others. Unfortunately people plug things in, and if they work for them, they don't even think about how what they are doing might affect anyone else. In some cases, they don't even care. They've got soccer games and work and TV shows and kids and family. Who has time to become an expert in Internet security? Google is doing a great job of annoying or alerting customers to potential issues, such as the red lock icon on their email, indicating that the email was sent unencrypted. The user gets worried (oooh, a red lock, that must be bad, I'm going to yell at someone to fix it for me) and the service provider jumps to improve the Internet, ideally. FreeBSD updated their default config so you have to proactively remove email encryption. If we are truly worried about IoT and consumers contributing to the downfall of the Internet, force the consumer router manufacturers and third party firmware folks to implement whatever is necessary to make filters and blocking the default. 90%+ of consumers don't change any settings, beyond the SSID and Wifi Password, and those who do might take the responsibility you want. Get the ISPs to realize that secure-by-default consumer routers that they distribute saves them millions/billions of dollars annually in customer service and security personnel. Secure-by-default routers means cost-savings. Get ISPs to pressure manufacturers to implement measures to protect their own network and the Internet from the non-network-admin consumer. We tech folk need to do this for the Internet citizens who don't know, don't care, or don't have time to mess with it.
If Timmy Numbnuts doesn't understand that plugging in a random device he found at Goodwill to his network could potentially carry liabilities, then he will keep doing it.
Timmy Numbnuts needs to be protected from himself, so when he plugs in that device, it doesn't do any harm to anyone but his own network. He'd have to proactively turn off features or filters on his Router in order to harm others.
I point to the current trend of parents watching and smiling, doing nothing as their kids destroy people's stores and restaurants. ISPs are literally doing the exact same thing when it comes to coddling their customers.
Automation and default configs means customers don't have to do anything, nor think about it. They are protected both FROM harm from the Internet and FROM harming the Internet, at least by default. Beckman --------------------------------------------------------------------------- Peter Beckman Internet Guy beckman@angryox.com http://www.angryox.com/ ---------------------------------------------------------------------------