[EAS] Another EAS hack: Zombie alerts

Fri Mar 3 21:56:52 CST 2017

Thanks, Ed. It may run against populist received wisdom, but no one knows better than us bureaucrats what a blunt instrument regulation is.  It's just that in the real world perfect markets tend to be the exception rather than the rule.

On Mar 3, 2017, at 7:43 PM, Ed Czarnecki <ed.czarnecki at monroe-electronics.com> wrote:

Oops - sorry for the disjointed throughts/grammar - I was doing this on a smartphone and meant to save it for later, not send it in that state.

Anyways, I get what you are saying - all equipment manufacturers (not just EAS) need to attend to their product security, failing that - it would be preferable for the market to challenge the manufacturers, rather than the FCC (or FTC) to use the heavy hand of regulation.

From: Ed Czarnecki [mailto:ed.czarnecki at monroe-electronics.com]

The problem with market power in this case is that the majority of broadcasters buy this type of equipment once and try to keep it in use for 15 or 20 years.  So is there any market power is kind of a wet noodle when these guys are in the habit of not paying for anything anyway.

This explains why some kept the old EAS devices originally purchased in 1997 and opted for a bolt on converter box to meet the later CAP obligation.

I do have to acknowledge that market power does work on the cable and IPTV side where they have much more mature network and security requirements.  Our next two software releases should start to leapfrog in in terms of security, and our cable customers have an incredibly helpful in terms of sharing their requirements

Ed Czarnecki
Senior Director - Strategy and Global Government Affairs.

585-765-2254 | fax 585-765-9330
100 Housel Ave. | Lyndonville | NY | 14098
www.monroe-electronics.com
www.digitalalertsystems.com

CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited.

From: Botterell

In my personal view this problem starts when vendors ship their product in an insecure configuration and expect their customers to correct that insecurity.  We can wag our fingers at station staff all across the nation, but I think we all know how much that will achieve.  Or we could demand that vendors render their boxes secure-on-delivery.  Shipping each box with a unique initial password would be a start, and Ed has suggested some other steps that might work as well.

Ideally broadcasters would apply their market power to require the vendors to take steps, but again, I think we all know they probably won't.  So, which is less bad... to accept continuing occasional zombifications... or to resort to the blunt instrument of regulation to nip it in the bud?

Art

The EAS Forum Discussion List is hosted by the BWWG (Broadcast Warning Working Group). http://eas.radiolists.net
Please invite your friends to join our Forum! The sign up is at: http://lists.radiolists.net/mailman/listinfo/eas