undefined | Better HN

0 pointsegberts12y ago0 comments

All remote are more potentially hostile than any local will ever be.

0 comments

And the company doesn't even have to be actively hostile for remote to be risky.

The company could go out of business and shut down their servers. Or shut down the servers because they're no longer selling the product.

Sometimes incompetence is as bad or worse than malice. The company could break an API accidentally. Or the API only works intermittently. Or they could add poorly-implemented rate limiting that unintentionally affects multiple users when they share an IP via NAT.

egberts1OP2y ago

Or worse, someone else spins up a server in its place.

rjmunro2y ago

And a local integration can be hostile if it's not publicly documented and they can update it / make it go away with an over the air update.

What matters is that they provide proper documentation for their APIs, encourage devs to use them, and don't have a history of breaking old clients with new firmware updates (without very good security reasons).

lawn2y ago

Yes, but some can't be local. For instance an integration that scrapes news from a website.

TeMPOraL2y ago

Sure it can be local - in the sense that all control and scrapping lives on your machine.

But in general, OK - some things are better done via an on-line service. But it's the minority of cases - almost none of IoT devices have a legitimate reason to route control and diagnostics through the cloud.

j / k navigate · click thread line to collapse