• alb_004@lemm.eeOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    7 months ago

    How they know what password we use in our device ? Do they scan our device without our permission ?

    • Th4tGuyII@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      7 months ago

      From what I see on the article, it looks like it mostly applies to manufacturer set passwords - though it does look like the devices are now required to prompt the user if they try to set a weak or common password (though I can’t remember the last time I wasn’t prompted)

    • Zikeji@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      ·
      7 months ago

      The law is for devices that come out of the box with a weak default. Like buying a wifi hotspot where the default is “admin123” would be bad. The default being random and printed on a label in the device is probably what this is aiming to usher in.

      • metaStatic@kbin.social
        link
        fedilink
        arrow-up
        0
        ·
        7 months ago

        it’s been a very long time since I’ve seen a default that wasn’t random or a unique pass phrase

    • drkt@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      7 months ago

      That’s not what this law is about, but yes actually they do!

      I’m not even in the UK and my domains get hit by UK authorities that claim to be scanning for vulnerabilities

    • it3agle@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      7 months ago

      It’s for manufacturer passwords, not ones set by users.

      The legislation is to help regulate the manufacturers of IoT devices, not the users themselves.