Originally Posted by Mrzev
Either way their product will be sold with those security holes. The big difference after this law is passed, when a company sets the price for its product, they will take it into consideration that it might be re-purposed for other things. A funny example is how FedEx or whatever company would deliver boxes for you to ship stuff with for free, and then people made furniture and random stuff with it. Example
I guess the way i see it, is that testing is one thing, but re-purposing a device is another. Kinda like white hat vs black hat. If your trying to validate if your modem is secure, thats one thing. If your modifing your modem so you can unlock the speed cap the ISP sets or unlocking all the chanels on your cable box is another.
I do agree with the fact that people should be able to tinker though. All i am saying is that companies need some time to switch over to this.
I'll only discuss the security implications, not the larger implications of 'owning' products without the right to fully utilize them which you seem to find all hunky dory. However, I do not understand how you can be so 'pro' company and revenues when you are the security victim in all this.
1- The products would not still be sold with security holes in them, because researchers wouldn't be risking the end of their lives as they know them to see if that baby monitor is really as secure as they claim it is. The personal risk you have to bear is staggering to try to help the greater good.
2- This hides the problem from the 'good' guys, because criminals are already using the vulnerabilities to their own ends. In addition, when 1 is conducted correctly, you can hold companies liable for the damages they cause, the REAL damages they cause from releasing insecure products.
3- Read #2 again, and really think about how ludicrous it is to allow companies to evade liability of wrongdoing by claiming copyright on the code, and putting researchers in prison for outing their mistakes, incompetence, and or apathy in securing products.
The law doesn't say anything about your motivations or goals, simply you are committing a felony by modifying or reverse engineering your
property. This is affecting you, right now in a really bad way. Companies don't need time to adjust to this, they need to be held to higher standards immediately by independent security research.
Originally Posted by brownbob06
I'm all for this, but why are people in here thinkinv this will cause them to not lose warranty for rooting their Android devices? You're modifying it with unofficial software and not using it as intended... This may make it not illegal, but it certainly won't help you keep your warranty, nor should it.
In regards to android devices, This.