Hacker News new | comments | show | ask | jobs | submit login

The FTC sued over insecure defaults because it said "secure" on the box.



IP Cameras from China have a number of issues of `calling home` adhoc. Granted to say even looking at their kernel's I tend to keep them completely on their own sub-net away from the net.


So MongoDB should state 'insecure out of the box' on their home page ? Just kidding sorry.


I don't think it's far fetched. I'd prefer a disclaimer "For the convenience of easy testing the defaults are NOT secure. If you intend to use it productively read the manual about secure configuration".




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: