Hacker News new | comments | show | ask | jobs | submit login

The FTC sued over insecure defaults because it said "secure" on the box.

IP Cameras from China have a number of issues of `calling home` adhoc. Granted to say even looking at their kernel's I tend to keep them completely on their own sub-net away from the net.

So MongoDB should state 'insecure out of the box' on their home page ? Just kidding sorry.

I don't think it's far fetched. I'd prefer a disclaimer "For the convenience of easy testing the defaults are NOT secure. If you intend to use it productively read the manual about secure configuration".

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact