[Cryptography] Schneier's Internet Security Agency - bad idea because we don't know what it will do
Kevin W. Wall
kevin.w.wall at gmail.com
Mon Feb 27 19:06:20 EST 2017
On Sun, Feb 26, 2017 at 6:31 PM, Peter Todd <pete at petertodd.org> wrote:
...<snip>...
>
> Non-open-source IoT devices OTOH have functionality that's hidden from the
> user, and thus the responsiblity for that functionality should lie with the
> people responsible for that functionality. The user was entirely reliant on the
> manufacturer to produce a secure device.
Maybe the "punishment" should be if the manufacturer screws up, they are
required to open-source all of their proprietary code. In the sort term,
of course, that would result in all sorts of additional havoc, but it
may provide an appropriate incentive if the company wishes to stay in
business and we wish to stear clear of lawsuites for software.
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/ | Twitter: @KevinWWall
NSA: All your crypto bit are belong to us.
More information about the cryptography
mailing list