Reply to post: Re: What?

Researcher criticises 'weak' crypto in Internet of Things alarm system

Paul Crawford Silver badge

Re: What?

Indeed 2-3 years is taking the piss, but that is what we see with the majority of smartphones. You have to look hard to find any getting support or security updates even when under 1 year old, let alone 3.

But this misses the point - such shit security practice like unencrypted communications that reveal passwords, etc, have been known to be shit for decades so there is no excuse. It simply comes down to companies not employing staff or external support (e.g. penetration testing, etc) who know what they are doing when it comes to security. So many of the bugs that keep coming up, and design flaws, are well known and often (in some cases, like memory abuse) picked up by compiler warning and static analysis tools. That don't get used.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019