On Mon, Dec 9, 2013 at 6:46 PM, Bjoern Hoehrmann <[email protected]> wrote:
> * Richard Barnes wrote: > >I'm thinking of things like these... > > ><http://bgr.com/2013/11/20/lg-smart-tv-spying/> > > > >... which do not seem like RFC-able things (so, the latter). Both are > poor > >design decisions; the first not applying authentication/authorization, and > >the second, well, just epically failing. What are you going to do, require > >someone to set a jumper for DNT? > > An LG Smart TV owner in the United Kingdom has shockingly discovered > that his device is sending unencrypted data over Wi-Fi containing TV > watching habits, as well as file names from external storage units > hooked up to the TV to an LG website, even though the TV’s privacy > settings should have prevented such behavior. > > Next device this data will be sent encrypted, with the keys and the > software secured by the TV's "DRM" system so Smart TV owners will no > longer be able to find out about such problems. > That actually seems like kind of a compelling rationale for authentication-only modes (as Bruce suggested) -- so we the network owners can see what our devices are doing. It's isomorphic to the enterprise case, but a little more intuitive for we end users. --Richard > -- > Björn Höhrmann · mailto:[email protected] · http://bjoern.hoehrmann.de > Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de > 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
