Posted by: Arian Eigen Heald
Data Breaches, information security, Stupid Technology, TCM (Truly Clueless Management)
I’m really not sure why a USB battery charger would need software to be hooked up to a computer, or a coffee-maker, for that matter. As much as I like computers, using a computer to charge batteries appears a bit circuitous, at best. (Please pardon the really bad pun.)
It seems that product vendors, in ever more desperate efforts to introduce something “new,” think that some piece of software will help (help them, that is). The problem is, this software is often developed without good quality controls, and probably without testing of any sort other than “it works!”
Once this product is handed off to suppliers and retail merchants, it is “untrackable” in most, if not all, respects. So a recall gives me little comfort. Especially since the sales for the Bunny’s charger started in 2007.
“Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software,” Energizer said in a statement.
An additional question might be, “What are your quality controls for software that is issued with your products?”
It’s not that manufacturers are unaware of this issue. In 2007, Seagate Technology admitted that an unknown number of its hard drives left an Asian manufacturing plant with Trojan horses. (Wonder where they are now?)
And, of course, Best Buy’s digital picture frame, sold during the Christmas 2007 holiday season (was 2007 the year for this, or what?) with software that added a Trojan. Although the company made claims that it was making efforts to contact customers, (how, exactly?) it never specified the type of Trojan, nor did much more than post an announcement on its website.
Perhaps enough reputation failure will persuade manufacturers to improve their Quality Assurance practices ( how about a little security in the software development??)
Meantime, I guess it’s best to keep an eye on any software that comes with a “product.”