[SystemSafety] [External] Re: "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"

[Driscoll, Kevin]

Amen, brother.  I've been jousting those windmills for too many years.  It seems the majority of websites now disregard the World Wide Web Consortium guidelines for providing alternatives to scripting, have no idea that they should use <noscript> at least to warn users that scripting is needed, and have no idea what 3rd party JavaScript they are dynamically loading.

From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On Behalf Of kevin at andreoli.co.uk
Sent: Thursday, June 18, 2020 3:05 AM
To: systemsafety at techfak.uni-bielefeld.de
Subject: [External] Re: [SystemSafety] "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"

Ironic that on  the System Safety email list the provided link website insists on people allowing scripts to run.  Some cookies yes, scripts?  No Thanks.

Kevin Andreoli
Retiree.

From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Jon Hind
Sent: 17 June 2020 23:29
To: systemsafety at techfak.uni-bielefeld.de<mailto:systemsafety at techfak.uni-bielefeld.de>
Subject: [SystemSafety] "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"

I must confess I have steered away from IOT. I have often wondered about all those little ROM's and how they'd get updated

Am I worrying too much, or is this vindication ?


https://www.zdnet.com/article/ripple20-vulnerabilities-will-haunt-the-iot-landscape-for-years-to-come/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/pipermail/systemsafety/attachments/20200618/3131c96f/attachment.html>