Holcomb compared the problem of fixing routers to traditional PCs. "In most cases, automatic updates are enabled for Windows and Mac," he said. But, he added, "even if a router manufacturer were to implement a similar feature, most people don't log into their routers."
Basically, because people have been trained to think of the router as a set-it-and-forget-it device, and one without security flaws, it's nearly impossible to get them to update router firmware.The fix won't be an easy one, at least not logistically. "I think the solution is for routers to automatically update, and give users the ability to opt out of it," Holcomb said. While TP-Link fixed all the vulnerabilities that ISE reported to it, D-Link has never responded. And Linksys, he said, chose not to repair many of the vulnerabilities reported to it.
No comments:
Post a Comment