A good linux machine running a firewall wouldn't make all of this work
flawlessly?
2016-10-23 17:31 GMT-02:00 Chuck Guzis <cclist at sydex.com>:
On 10/23/2016 01:29 AM, Guy Dawson wrote:
It's not so much an attack on IoT as with
IoT. The worm's ( assuming
a compromised IoT device is used to compromise others - I'm not sure
about this) job is to make IoT devices available to a control system
so that IoT devices can be used to generate the loads needed in DDOS
attacks.
The attackers would rather you did not know your IoT devices were
compromised as that way you'll leave them connected to the Internet
and under their control.
I contrast NFC and IoT. At least to me, "IoT" implies an
Internet-connected device. NFC implies only that there's a device that
can communicate wirelessly with nearby devices.
Having said that, if one prowls the web for vulnerabilities in, say, DSL
modems, it's shocking. Many, if not most, are running some sort of
Linux, usually BusyBox (not known for its security). There are millions
of the things out there, many with telnet enabled and still with the
default password. The ISPs who distribute these things usually view
them as "black boxes" and apparently have little interest in security.
Whether or not some malefactor can hack a Carrier or Trane connected
thermostat is something that I've not researched.
--Chuck