On Friday, January 24, 2014 5:27pm, "Dave Taht" <dave.t...@gmail.com> said:
> and also, suddenly every device with a web server on it on 80 and 443 > is vulnerable, ranging from your printer to your fridge. One of the reasons I like the "Cerowrt project" is that it focuses on fixing the aspects of the Internet plumbing that are due to careless practices like presuming that a printer or fridge will be protected inside a "firewall" and thus need not be designed correctly. It reminds me of the attitude toward safety taken by the Auto Industry prior to Ralph Nader. (whether you like Nader or not, his point was correct at the time - GM and Ford engineering did not design sufficiently safe cars, and that had a huge social impact that individuals could not cope with). We now have printers and fridges that are "unsafe at any speed", just as we have access networks that are knowingly designed to get bloated under stress, amplifying the stress rather than ameliorating it. Now there may be "temporary kludges" that can protect the printers and fridges thus misdesigned - and NAT firewalls are possibly OK in that light. But honestly, I want to be able to connect to my printer from anywhere. For a few bucks I can probably build a front-end box for my printer that is a printer server based on encrypted connections (using SSL with certificates, perhaps). E.g. for each printer and fridge, a Raspberry Pi with a USB WiFi interface, connected directly on IPv6. That's about $50 per badly designed consumer electronics device. I'd prefer, however for the printer makers, etc. to make this a standard. To do so, we need an open source project like Cerowrt to show the way, perhaps starting with the front-end box that implements the standard, since adding software to a printer or fridge itself is hard.
_______________________________________________ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
