I tried to put a password on a device I contracted to do. Just the serial number, the installer reads it off and types it into their phone. Simple! Different for every device!
The manufacturer said Too much trouble for the installers! Just leave it open.
Sigh.
I compromised, made the bluetooth connection work for 10 minutes after power-up, give the installer time to connect (it wouldn't shut down as long as there was a connection), initialize the device.
See, now it wasn't 'open' for more than 10 minutes total. After that you needed physical possession of the device to connect again (power-cycle it).
They accepted that. It was something, not the same as security but at least the window of vulnerability was smaller.
I tried to put a password on a device I contracted to do. Just the serial number, the installer reads it off and types it into their phone. Simple! Different for every device!
The manufacturer said Too much trouble for the installers! Just leave it open.
Sigh.
I compromised, made the bluetooth connection work for 10 minutes after power-up, give the installer time to connect (it wouldn't shut down as long as there was a connection), initialize the device.
See, now it wasn't 'open' for more than 10 minutes total. After that you needed physical possession of the device to connect again (power-cycle it).
They accepted that. It was something, not the same as security but at least the window of vulnerability was smaller.