Software needs to be updated though, certificates need to be checked and all tha... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

blablabla123 on March 22, 2021 | parent | context | favorite | on: The S in IoT is for Security

Software needs to be updated though, certificates need to be checked and all that. That's only possible with Internet - unless you run your own CA, Package Mirror on the local network. That said, there is also a trade off between having a having ports open for REST vs. having a gateway (whether that's on the local network or on the Internet). Also it's probably a difference whether one plans to update the installed system every now and then or whether that should be fully automated...

denysvitali on March 22, 2021 [–]

This is true, but honestly I have almost never seen an IoT device getting updated for security reasons - instead they seem to update things OTA to just add more crap to it.

In any case, a CA lasts ~20-30 years. Hopefully the IoT device will be dead by then

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact