Dear Every Product Marketing Team in the World:

When you try to convince me I need to be able to access my toaster from anywhere on the Internet, this is what I hear:

Hacker taps into baby monitor, shouts at sleeping infant

A family’s baby monitor is compromised by someone who uses it to look around the room and shout at people. And, btw, the manufacturer designed the device such that all logs are lost when it is powered down.

All software has bugs. If you are lucky, the manufacturer has a process to try to find and respond to those bugs as rapidly as possible. It can never be as rapidly as necessary, however. Choose wisely what you put on the network.

I wanted to comment on this, because it’s kinda scary: someone’s personal domain was hijacked to get at his Twitter account. Ars has a discussion about what happened, and the user himself did basically everything right. It was the employees of various companies (mainly his domain registrar) who facilitated the attack.

Picking up the pieces after the @N Twitter account theft

I use a personal domain for some of my email, so that hit close to home. My registrar allows me to “lock” my domain settings, basically meaning nobody can change anything until I log in and unlock it. Would that have stopped something like this? I hope so. But even the best measures are not always successful at thwarting a determined attacker.

Now I’m going to get on an airplane. Have fun contemplating the implications.