Makers of phones, TVs and smart doorbells legally required to protect devices against access by cybercriminals
  • @[email protected]English
    112 months ago

    Usually, an impact study is made before such type of laws are made:

    • if this law is enacted, how much will it cost to the manufacturers to update their factory settings?
    • how will this be impacted on the device cost in the UK compared to other markets?
    • how many users will get stuck when losing the unique ID of the device, what are the recovery procedures, how costly is it to end users?
    • how many users will be protected by the measure and what cost for society does it represent?
    • how many users will set a dumb password anyhow and what is the cost for society?

    I’d be curious to see the impact study, as many of those are actually botched.

    • magic_lobster_party
      102 months ago

      Most routers already have non-standard passwords by default. At least in EU. I’m not sure which devices besides routers and IoT peripherals are affected by this bill.

      • @[email protected]English
        12 months ago

        All of them I’ve seen do use non-standard passwords for the web access portion, however it’s been a mixed bag for the admin controls on the router OS itself. It’s often just admin/admin.

        Which is crazy. I could, if I were inclined, log into the router in someone’s house/business if they haven’t changed the admin password, but they have provided me with a password to access the web. Most people don’t bother changing the admin password.

    • metaStatic
      82 months ago

      a user set weak password is infinitly more strong than a known default.

      admin
      admin

      • AmidFuror
        12 months ago

        That makes a strong password a million times infinite strong.