Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this

Chuck Guzis cclist at sydex.com
Sun Oct 23 14:31:42 CDT 2016


On 10/23/2016 01:29 AM, Guy Dawson wrote:
> It's not so much an attack on IoT as with IoT. The worm's ( assuming
> a compromised IoT device is used to compromise others - I'm not sure
> about this) job is to make IoT devices available to a control system
> so that IoT devices can be used to generate the loads needed in DDOS
> attacks.
> 
> The attackers would rather you did not know your IoT devices were 
> compromised as that way you'll leave them connected to the Internet
> and under their control.

I contrast NFC and IoT.  At least to me, "IoT" implies an
Internet-connected device.  NFC implies only that there's a device that
can communicate wirelessly with nearby devices.

Having said that, if one prowls the web for vulnerabilities in, say, DSL
modems, it's shocking.  Many, if not most, are running some sort of
Linux, usually BusyBox (not known for its security).  There are millions
of the things out there, many with telnet enabled and still with the
default password.  The ISPs who distribute these things usually view
them as "black boxes" and apparently have little interest in security.

Whether or not some malefactor can hack a Carrier or Trane connected
thermostat is something that I've not researched.

--Chuck


More information about the cctalk mailing list