Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this
alexandre.tabajara at gmail.com
Sun Oct 23 14:35:47 CDT 2016
A good linux machine running a firewall wouldn't make all of this work
2016-10-23 17:31 GMT-02:00 Chuck Guzis <cclist at sydex.com>:
> On 10/23/2016 01:29 AM, Guy Dawson wrote:
> > It's not so much an attack on IoT as with IoT. The worm's ( assuming
> > a compromised IoT device is used to compromise others - I'm not sure
> > about this) job is to make IoT devices available to a control system
> > so that IoT devices can be used to generate the loads needed in DDOS
> > attacks.
> > The attackers would rather you did not know your IoT devices were
> > compromised as that way you'll leave them connected to the Internet
> > and under their control.
> I contrast NFC and IoT. At least to me, "IoT" implies an
> Internet-connected device. NFC implies only that there's a device that
> can communicate wirelessly with nearby devices.
> Having said that, if one prowls the web for vulnerabilities in, say, DSL
> modems, it's shocking. Many, if not most, are running some sort of
> Linux, usually BusyBox (not known for its security). There are millions
> of the things out there, many with telnet enabled and still with the
> default password. The ISPs who distribute these things usually view
> them as "black boxes" and apparently have little interest in security.
> Whether or not some malefactor can hack a Carrier or Trane connected
> thermostat is something that I've not researched.
More information about the cctalk