It could label qualifying items like smart fridges…

  • conciselyverbose@kbin.social
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    So I’m not entirely sure I can trust that there will be useful regulation, but it’s definitely an area where useful regulation is desperately needed. Smart everything in the privacy of your home sounds great until you look at how absurdly huge of an attack vector they create. The data exfiltration is bad on its own, but the possibility of deliberate back doors with minimal consequences for lesser known brands is out there, and even “credible” brands mostly don’t put near the effort into security they should.

    Ideally I would make it a requirement that devices could be configured to never phone home (and published APIs or used standardized ones for self hosting). It won’t happen, but without it the companies willing to subsidize devices to be spyware have a massive competitive advantage.

      • conciselyverbose@kbin.social
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I’d love to roll my own, eg if/when open source or standalone hardware that doesn’t rely on external services is an option. The major players agreeing on Thread means it might be a plausible option at some point.

        But right now it’s a minefield.

  • enfa@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    we’ve already got an “S” for Security in the IoT name, why do you need a separate Mark to call out how trustable ‘smart’ devices are?

  • Chris_ni@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    This is not a good idea. Labelling certifications for things like electrical safety or radio emissions standards make sense, as they’re meeting regulatory requirements.

    The problem with Cyber Security is there is no such thing as perfectly secure. A secure device today, could have a vulnerability discovered tomorrow. Additionally, a big part of Cyber Security for devices is maintaining software/firmware patching is up to date. A stamped mark to say something is secure would provide a false sense of security, and could reduce the awareness of the user to the potential risks of not maintaining their devices.