A device with a security vulnerability and is still functional represents a quantifiable risk. But it provides value as well. It's a trade for the user to make as to whether the risk, which might or might not be severe or even applicable to them, outstrips the value.
A "secured" device that is non-functional provides no value. It represents lost value to the user, as it once had value and now it doesn't. And it may even still represent an unknown risk due to some other undiscovered issue, depending on how thoroughly "shut down" it is.
It should be obvious that 1) the former almost always has more value than the later and 2) it should always be the owners'/users' of the devices choice whether to remove some or all functionality in response to a new security risk.
I'd be pretty (filing lawsuit) mad if some IoT gadget bricked itself "because security", when there's a 100% chance it didn't affect me. Everything IoT should be assumed 98% garbage and completely insecure at all times - the fact that I own/use it means I'm not either worried about security, or I've handled it.
2 comments
[ 2.5 ms ] story [ 16.7 ms ] threadA "secured" device that is non-functional provides no value. It represents lost value to the user, as it once had value and now it doesn't. And it may even still represent an unknown risk due to some other undiscovered issue, depending on how thoroughly "shut down" it is.
It should be obvious that 1) the former almost always has more value than the later and 2) it should always be the owners'/users' of the devices choice whether to remove some or all functionality in response to a new security risk.
I'd be pretty (filing lawsuit) mad if some IoT gadget bricked itself "because security", when there's a 100% chance it didn't affect me. Everything IoT should be assumed 98% garbage and completely insecure at all times - the fact that I own/use it means I'm not either worried about security, or I've handled it.