Comment by quantummagic
1 day ago
Any device that participates in a DDOS needs to be recalled by the manufacturer, mandated by law. Make it potentially economically crippling to sell a vulnerable device, and security will be taken very seriously. Frivolous uses of tech, won't be worth the risk.
This just in: every computer manufacturer forced to recall every single computer model they've ever sold because some users use weak passwords.
I can't wait for all of them to switch to IOS-ified devices incapable of installing alternative operating systems or programs, as that would be the inevitable end solution for all these manufacturers if this was implemented.
Maybe that's a good thing; relying on users to choose good passwords is a cop-out. Systems should be safe-by-default. And owners losing their system if it participates in a DDOS, would add to the incentives to stop the nonsense. It persists because perpetrators, and those who unwittingly abet them, feel no consequences.
At that point, you should force the pain on the individual themselves. Why should all of us be handicapped because there's a couple morons that can't set decent passwords and connect their devices directly to the internet?
Even if the device removed the capability for passwords and used key based authentication, connecting it directly to the internet means if there's ever a vulnerability, all that was for naught anyway.
2 replies →
Does a weak user password have to provide remote access by default?