Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this

Electronics Plus sales at elecplus.com
Sun Oct 23 16:34:39 CDT 2016

In 2011 Barnaby Jack warned of insulin pump attacks (https://en.wikipedia.org/wiki/Barnaby_Jack) yet in 2016 J&J had to warn their customers that they were vulnerable to attack (https://www.techdirt.com/articles/20161004/06242635699/johnson-johnson-warns-insulin-pump-owners-they-could-be-killed-hackers.shtml). When are companies going to get compliant with security?

-----Original Message-----
From: cctalk [mailto:cctalk-bounces at classiccmp.org] On Behalf Of Alexandre Souza
Sent: Sunday, October 23, 2016 2:36 PM
To: General Discussion: On-Topic and Off-Topic Posts
Subject: Re: Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this

A good linux machine running a firewall wouldn't make all of this work flawlessly?

2016-10-23 17:31 GMT-02:00 Chuck Guzis <cclist at sydex.com>:

> On 10/23/2016 01:29 AM, Guy Dawson wrote:
> > It's not so much an attack on IoT as with IoT. The worm's ( assuming 
> > a compromised IoT device is used to compromise others - I'm not sure 
> > about this) job is to make IoT devices available to a control system 
> > so that IoT devices can be used to generate the loads needed in DDOS 
> > attacks.
> >
> > The attackers would rather you did not know your IoT devices were 
> > compromised as that way you'll leave them connected to the Internet 
> > and under their control.
> I contrast NFC and IoT.  At least to me, "IoT" implies an 
> Internet-connected device.  NFC implies only that there's a device 
> that can communicate wirelessly with nearby devices.
> Having said that, if one prowls the web for vulnerabilities in, say, 
> DSL modems, it's shocking.  Many, if not most, are running some sort 
> of Linux, usually BusyBox (not known for its security).  There are 
> millions of the things out there, many with telnet enabled and still 
> with the default password.  The ISPs who distribute these things 
> usually view them as "black boxes" and apparently have little interest in security.
> Whether or not some malefactor can hack a Carrier or Trane connected 
> thermostat is something that I've not researched.
> --Chuck

More information about the cctalk mailing list