Your submission was sent successfully! Close

  1. Blog
  2. Article

Thibaut Rouffineau
on 15 December 2016

Research: Consumers are terrible at updating their connected devices

Many developers and manufacturers of IoT connected devices will know that consumers are bad at updating the firmware on their connected devices, and that this fact is at the heart of many of the IoT’s security vulnerabilities. But what they might not know is just how bad.

Ubuntu recently surveyed 2000 consumers to better-understand their relationship with their connected devices. This survey revealed that, worryingly, only 31% of consumers that own connected devices perform updates as soon as they become available. A further 40% of consumers have never consciously performed updates on their devices. In other words consumers are leaving their devices open to exploits and hacks, from DDoS attacks to invasions of personal privacy or theft of personal data.

Consumers cannot (and should not) be expected to stay on top of every hack and critical software update; it’s simply not realistic. Nor do consumers particularly see this as their problem to solve. Of those polled, nearly two thirds felt that it was not their responsibility to keep firmware updated. 22% believed it was the job of software developers, while 18% consider it to be the responsibility of device manufacturers.

Register today for Ubuntu’s upcoming report on IoT security.

Canonical has taken the view for some time now that better automatic mechanisms to fix vulnerabilities remotely are needed as an essential step on the way to a secure IoT. We need to remove the burden of performing software updates from the user and we need to actively ban the dreaded ‘default password’, as Canonical has done with Ubuntu Core 16.

In January, Canonical will publish a new paper, ‘Taking charge of the IoT’s security vulnerabilities’, incorporating the full research findings and other exclusive industry stats. This paper will examine three key interconnected topics that, we hope, will ultimately help the industry with a blueprint to move forward:

  • The main IoT security vulnerabilities and why they exist
  • Current approaches to IoT security and why they aren’t working
  • Ubuntu Core’s blueprint for better IoT security

It’s clear to us that too many of the solutions to IoT security proposed today involve either mitigating security issues after-the-fact, or living in a world where IoT security problems are the accepted norm. This should not and cannot be the case. It’s time for the industry and the regulators to do their bit step up to the plate.

To pre-register to receive a copy of the ‘Taking charge of the IoT’s security vulnerabilities’ report, please click here.

Related posts

25 August 2020

Travel, CLIs, and sticky notes: Lilyana’s life as a Canonical UX designer

People and culture Article

Canonical is the company behind Ubuntu, but who are the people behind Canonical? This blog series is all about getting to know the different employees that make up our company. Lilyana Videnova is a Senior User Experience (UX) Designer who has worked on a wide range of Canonical products. We spoke with Lilyana to find ...

20 July 2020

Employee spotlight: Alice Cambridge, Inside Sales Representative

People and culture Article

Canonical is the company behind Ubuntu, but who are the people behind Canonical? This blog will be the first in a series getting to know some of the different employees that make up our company. We will be talking to people across roles and departments, starting with Alice Cambridge. Alice joined Canonical as a new ...

Christian Reis
24 January 2018

Meltdown, Spectre and Ubuntu: What you need to know

Cloud and server Article

As details of the Meltdown and Spectre vulnerabilities1 have become clearer a number of statements have been published by the multiple vendors affected; Canonical has issued advisories and updates on fixes and mitigations, the latest of which includes a first round of Spectre mitigations. However, most of these statements focus on the mec ...