
Europe to Push New Security Rules Amid IoT Mess - doener
https://krebsonsecurity.com/2016/10/europe-to-push-new-security-rules-amid-iot-mess/
======
m_eiman
Just some basic rules like:

\- no default passwords

\- no access from Internet until explicitly enabled by user

would make a world of difference. We'll still have to deal with bugs, but this
would go a long way.

~~~
dozzie
> \- no access _from /to_ Internet until explicitly enabled by user

This would be better. It would get rid of this IoT cloud madness.

~~~
pacala
No access to the Internet? How then can we [make money by spying on you]
provide you a better service?

~~~
dozzie
That's the whole point of _regulation_. Companies are forced to do something
in the interest of customer, even if it's not in their own interest (similar
thing to providing warranty, which costs and many companies would happily
ditch it if they weren't required to provide it).

------
brilliantzen
There should be some testing for IOT devices like the FDA clearance for
medical industry.

~~~
ilogik
Or just add it do the fcc testing that electronic devices already go through

------
doener
This is from before the recent Mirai DDoS attack.

