On Mon, 26 Nov 2018, David P. Reed wrote:
Personally, I think it's time to move "security" out of the military sector of government..
I think we need some kind of international cooperation body that develops guidelines that vendors can then slap their "approved by"-sticker on the box by complying to these guidelines. Problem here is that 99% of the population do not care about this, they just want to get their network running. That's why apple succeeds with their products, because they sell a "this is secure and works"-product, even if this security means you have to go to an authorized apple store to get your components replaced (because they're cryptographically paired for security reasons). It's possibly also that for most of Apples customers, this level of security is too high. People would rather have their pictures unencrypted and extractable without password from the device, compared to them being lost because the device was damanged otherwise broken.
So we need to come up with a security regime that makes sense for the most amount of people, and then try to still cater to the ones who want to do more/less.
-- Mikael Abrahamsson email: [email protected] _______________________________________________ Cerowrt-devel mailing list [email protected] https://lists.bufferbloat.net/listinfo/cerowrt-devel
