Spitballing IoT Security

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Thu Oct 27 20:25:52 UTC 2016


>At which point the 3GS was almost 5 years old (having originally been
>released in June 2009) and had been already superseded by the iPhone 4,
>4S, 5 and 5S/5C.

But the release of and presence of those phones does not make the older phone suddenly stop working.  As noted,  the phone might be obsolete to those people hungering for the latest tech but as a phone and web client etc it still works fine. ....and will continue doing so whilst the battery is okay. ... and then,  with no updates it can be the next attack vector 

Which is the point.  These things stay out there...like those winXP boxes.  There are 2 choices

1) manufacturers are responsible for the devices.  No longer caring for them?  Recall them.  Compensate the users. 

2) stronger obsolescence.  eg kill switch/firmware tombstoning/network connectivity function ending timebomb

as a user of lots of legacy tech i find either option bad :/


More information about the NANOG mailing list