On 9 January 2014 21:51, rh_ <[email protected]> wrote:
> On Thu, 9 Jan 2014 08:36:27 -0800 (PST)
> Martin AA6E <[email protected]>
> wrote:
>
> > This article by Bruce Schneier is sobering, and it applies to most of
> > us building embedded systems. Some of us may get security updates
> > via repositories (e.g. Ubuntu), but generally you won't get new
> > kernels this way. How many Beagle-ish systems are out there attached
> > to the Internet, but with ageing kernels and unpatched for a long
> > time? How can we manage this better in the future?
>
> Manage what? You mean taking kernel updates where you didn't before?
> Don't you just uncomment a couple of lines in a config file?
>
> As for sobering doesn't everyone by now know the state of "security"
> in regards to computing
>
>
It's a reasonable bet that in 2014, most desktop systems have automatic
upgrades turned on (or they're at least actively managed by someone). By
contrast, when was the last time you upgraded the firmware on your router?
Your TV? And in a few years, your fridge/light bulbs/running shoes/bathroom
scales?
Turn it around: if you're shipping a device with an embedded system
connected to the net, do you really want to enable automatic downloads of
new kernels? What if the upgrade fails? Do you provide a way for the user
to fix it ("short the reset pins on your light bulb..." - good luck getting
that one to market!), you issue an RMA or you suffer a reputation for
unreliability? All of those cost money. Schneier talks a lot of sense.
--
For more options, visit http://beagleboard.org/discuss
---
You received this message because you are subscribed to the Google Groups
"BeagleBoard" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
