@foone it would have made very little difference if they shipped a key instead of a password, but these people clearly don't know what they are doing
Top-level
@foone it would have made very little difference if they shipped a key instead of a password, but these people clearly don't know what they are doing 3 comments
@foone they totally could have and instead of ssh they could have used mqtt with some basic acls which would have prevent reading other people's location, but also save the overhead of the ssh handshake |
@panda could have individual keys per device and revoke them as the devices leave service. as it is, they can't do that without changing the passwords on every device