Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

First, thank you for posting. Insiders can provide unique persepectives.

    > Even keeping the Linux kernel up to date with the latest version is a major undertaking.
Dumb question: Why does an old Nest need an updated Linux kernel?

    > investing in devices that are local first is certainly good advice, provided the APIs are open and well supported.
Do you have any examples that could sufficiently replace old Nests?


"Why does an old Nest need an updated Linux kernel?"

Old versions that no longer receive security updates is a major issue


For general purpose computing - yes.

For a thermostat, with presumably an attack surface that could be made arbitrarily small (albeit by removing non essential features) -why?

Surely this means all embedded devices are a serious liability?


I'd be worried about any internet-connected IOT device in my home. It the very least it can snoop on traffic. The Nest in particular could a) use it's motion detector to report if you are home b) harass you through temperature changes (and maybe even gaslight you by not showing them) c) maybe overload something (itself?) and cause fire?

That's just what I can come up with sitting here and having no in-depth knowledge. I am sure actual security experts could come up with more scenarios.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: