
I am a lot more interested in the answers to questions like:

1. Why was there lateral spread across low-criticality fitness devices and avionics devices?

2. Why was there lateral spread across manufacturing, customer support, and PII regions?

3. What assurances are there that health information wasn't leaked?

4. What's the general security position around avionics, marine, and health data at Garmin?



You want to know if Garmin pushed malware/ransomware via its app onto 1 million smartphones? The apps seem to have been last updated July 21, and Garmin's systems were locked July 23, so...?


Segmentation is expensive and slows stuff down. Businesses are bad at segmenting risk.

I'd expect the avionics and marine stuff to be a little better due to compliance requirements.


I don't know. It seems like whenever a company needs to have data shared, it by default is siloed. Yet when a company needs siloed/segmented verticals, they are shared with no boundaries. You rarely hear about companies that have done it correctly, yet everyone has worked for a company that does it badly.



