IoT security, was Krebs on Security booted off Akamai network

John R. Levine johnl at
Sun Oct 9 14:02:50 UTC 2016

On Sun, 9 Oct 2016, Florian Weimer wrote:

> If we want to make consumers to make informed decisions, they need to
> learn how things work up to a certain level.  And then current
> technology already works.

I think it's fair to say that security through consumer education has been 
a failure every time anyone has tried it.  Why do you think this would be 
any different?

> There is little interest in this, however.  There's a comparable
> business case for providing managed PCs to consumers, and I'm not sure
> if any such companies are still left.

There's at least two large ones: Microsoft and Apple.  Try installing 
Windows 10 without letting Microsoft update and reconfigure the software 
any time they want, any way they want.

Expecting consumers to evaluate the security behavior of their lightbulbs 
and their refrigerator is absurd.  We need to figure out how to have the 
devices and routers configure themselves so the devices can do what they 
need to do without doing what we really don't want them to do.

John Levine, johnl at, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail.

More information about the NANOG mailing list