this post was submitted on 29 Apr 2024
168 points (96.7% liked)

Technology

59666 readers
2624 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] timlyo@kbin.earth 43 points 7 months ago (1 children)

Brands have to publish contact details so that bugs and issues can be reported, and must be transparent about timings of security updates.

The non headline part of the law sounds great to me.

[–] TheGrandNagus@lemmy.world 25 points 7 months ago* (last edited 7 months ago) (1 children)

Yeah I read the headline and thought what, then read the article and it actually seems pretty reasonable.

Devices should not come with a username of 'admin' and a password of 'admin', it's a disaster waiting to happen.

[–] RGB3x3@lemmy.world 7 points 7 months ago (1 children)

Is it really on the device manufacturer that people don't change the default password? That's advice that's been around so long and it's the first thing they tell you in computer training.

Default passwords have their use cases for testing, ease of set-up, and for device recovery.

[–] TheGrandNagus@lemmy.world 15 points 7 months ago* (last edited 7 months ago)

Yes, it should be. Sending someone a device with usr/pwd as admin/admin, for example, is completely reckless if it doesn't prompt the user to change it during setup.

it's the first thing they tell you in computer training.

You shouldn't need specialist training to use basic home products, and you shouldn't have to put up with extremely compromised security in the event of you not being technically-minded or you blitz through installations pressing next next next. Not everyone is or can be technically minded.

Plenty of products have protections in place designed to protect users in the realistic event that not everything will be used flawlessly 100% of the time.

PCs aren't shipped to you with always-on root-level access, gas hobs often have features to turn themselves off if they detect they've not been ignited, cars have all kinds of safety features, pills come in pop-packs to discourage taking a load at once by swigging a bottle, Switch cartridges taste like shit to stop babies from choking on them, etc. sure, not all of these should be legally required, but some absolutely should be.