This year has seen an unprecedented number of digital attacks. A couple months ago, my network vendor of choice, @Ubiquiti , was hit by a breach. Now, more information has been published over at @arstechnica . I am now looking into replacing my Unifi gear due to this incident. Take a look:

@itguyeric No defense of Ubiquiti from me, but aren't we supposed to assume all networking gear is APT'd to hell and back, so encrypting everything is on us? @aag @thegibson

@alrs @aag @thegibson I agree it’s up to us to secure our traffic. My goal though is to not have to create cloud accounts on some one else’s server just so my light or wireless speaker can work as intended.

@itguyeric @alrs @aag

Every device and service gets pwned.

It's how you handle the response that matters, and UBNT did muck that one up pretty bad.

I'll still be using their equipment... because anything else I buy will have similar issues.

Take Cisco for example...

just make a note that I said Cisco later.

@itguyeric @alrs @aag

All that said... You have every right to be angry about it.... They responded abysmally.

but any other product you use in these roles will have intrinsic weaknesses. even the open source ones(although I suspect they will be a rarer occurrence).

The truth is that there is not a profit model in securing code. Make that make money (or conversely punish it in some real and measurable fashion) and you'll get better results.

This is a bigger problem than just UBNT.

@thegibson @itguyeric @aag It helps that "cyber-insurance" usually doesn't cover attacks from nation-states. Hopefully someday soon it will just be flat-out illegal to buy or sell insurance against hacks.


@thegibson @itguyeric @aag imagine the effect on IT salaries if businesses actually had to give a shit about :)

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!