Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:Why? (Score 3, Insightful) 75

It sucks that you pay more for the lack of the smart TV functions... but the irony is that the "dumb" TVs will likely be around a longer time, after all the apps and firmware start failing due to no more updates, and the smart TV is serving the equivalent of Beenz and Flooz ads, assuming smart TVs don't move to an "always on" model, like modern gaming consoles, where if there is an Internet connection disruption, the TV will cease to work.

The good thing is that some off brands of TVs can be put into HDMI mode, and that's that... they don't bug you to update, they don't scan the airwaves for open Wi-Fi, and definitely don't have a LTE radio so they can slurp ads and spew telemetry.

Comment Re:Why? (Score 2) 75

One critical part of NFTs is security. Having a signing/wallet app which, when you tell it to pay x amount of ETH for a picture of an ape, you get the signed picture of the ape. However, with a TV offering that functionality, how do we know that the wallet used won't be emptied as soon as it is given access to one's ETH wallet?

Finding wallet apps is not hard. Finding trustworthy ones is. I would recommend people consider hardware wallets like Trezor, Ledger, or others that either have no direct Internet link, or use something like Bluetooth. Would I want to trust an app on my smart TV? What has Samsung done to make that app trustworthy? Is the source code audited? Is all the hardware on the TV as robust as the HDCP copy-protection chips to ensure physical tampering isn't a thing? How do I know the device won't get a rogue firmware update out of nowhere? What wallet backup mechanism is supported... and no, a backup in Samsung Cloud is not going to cut the mustard.

I don't even like smart TVs. I've read stories of some TVs refusing to work out of the box if they can't get a Wi-Fi connection for a "firmware upgrade" (i.e. ads), and the added functionality given by a smart TV is less than the amount of telemetry and metadata being slurped off. If a smart TV can't work with a HDMI connector, it gets returned as defective.

If smart TVs are so bad, then why would one trust a smart TV to do something as financially critical as NFT transactions? I'd trust my smartphone or desktop far more than I would a TV, until Samsung could provide proof of audit from a third party that they actually have something that is trustworthy... and this audit needs to have more than signed executables, jailbreak protection and DRM "features"... it needs to have protection via remote, solid key storage, and the ability to back stuff up, like a HSM... because a wallet app IS a HSM.

tl;dr, hard pass for me.

Comment Re:Most people are ignorant about computer securit (Score 1) 166

It really depends on what one is wanting. A VPN provides an encrypted tunnel, so just end to end encryption, a VPN is redundant. However, VPNs tend to be for privacy and having a certain IP range than security. For example, one can't really choose multiple ISPs. At most, they might have Comcast, or AT&T. However, one can choose VPN services, so even though one ISP logs everything and sells it, having a VPN that doesn't do that, provides a lot of privacy.

Then, there is access to remote resources. Having a VPN that connects you to a known stated address pool makes it easier to only allow a range for a remote connection. For example, someone having a linode machine can just limit incoming SSH to the IP range of a VPN service, which, when combined with key only authentication, or something two factor, can limit the attack surface from remote greatly. Especially if the VPN requires 2FA.

Even if the ISP is trusted, using a VPN on a device can be good, because any link in the chain on the LAN can be eavesdropping and logging traffic. By using a VPN, all those devices, be it a core router, edge router, gateway, AP, firewall, now just see traffic going from the device to the VPN server.

The VPN ads don't help. VPNs are not a magical security silver bullet. Stuff like having firewalls on connections and such are nice, but they are not something to make people go out and purchase a subscription. However, for people that want an increased privacy level, VPNs are definitely helpful.

Of course, it goes without saying... choose your VPN provider wisely. When Sara Palin had her email hacked, it was reportedly the VPN provider who delivered the goods on the user who did it.

Slashdot Top Deals

We all live in a state of ambitious poverty. -- Decimus Junius Juvenalis

Working...