Security has certain cost associated to implement it. That makes product more expensive without any additional market value. There must be certain external incentives to motivate spending extra effort
Security has certain cost associated to implement it. That makes product more expensive without any additional market value. There must be certain external incentives to motivate spending extra effort
> Security has certain cost associated to implement it
The article makes a strong case that, at least for minimum viable/ordinary security measures, the cost is $0.
The projector in question wasn't missing features that would have consumed any amount of the issuing company's margin to implement; it was missing features that would have consumed at most a couple of meetings and a junior dev spending 30min watching the first three YouTube results for "consumer device security issues", and then another 30min copy/pasting standard mitigations into place.
If they'd done the basic due diligence of putting a lock on the metaphorical door, they wouldn't have even had to spend the QA cycles making sure the lock was secure (though that would be nice). But instead they opted to ship sans security entirely.
> the cost is $0 > at most a couple of meetings and a junior dev spending 30min watching the first three YouTube results for "consumer device security issues", and then another 30min copy/pasting standard mitigations into place.
That's not $0 in my math. That's a total effort easily worth of a few thousands if not more from all aligning parties.