This is an obviously good thing.

  • AutoTL;DRB
    link
    fedilink
    English
    107 months ago

    This is the best summary I could come up with:


    A new version of the 2022 Product Security and Telecommunications Infrastructure Act (PTSI) is now in effect, covering just about everything that a consumer can buy that connects to the web.

    Under the guidelines, even the tiniest Wi-Fi board must either have a randomized password or else generate a password upon initialization (through a smartphone app or other means).

    This password can’t be incremental (“password1,” “password54”), and it can’t be “related in an obvious way to public information,” such as MAC addresses or Wi-Fi network names.

    A device should be sufficiently strong against brute-force access attacks, including credential stuffing, and should have a “simple mechanism” for changing the password.

    Violations of the new device laws can result in fines up to £10 million (roughly $12.5M) or four percent of related worldwide revenue, whichever is higher.

    Besides giving consumers better devices, these regulations are aimed squarely at malware like Mirai, which can conscript devices like routers, cable modems, and DVRs into armies capable of performing distributed denial-of-service attacks (DDoS) on various targets.


    The original article contains 265 words, the summary contains 171 words. Saved 35%. I’m a bot and I’m open source!