On 10/22/2016 11:17 PM, COURYHOUSE at aol.com wrote: I wish that writers had a clue what IoT is and what that means. I have no network connected devices of this source facing the open net. All of the premises equipment supplied by the internet, tv, and phone provider, are on their own 10 net, and isolated from any connection to the internet. If they are corrupted, fun, but not going to get to the internet. This is a worm from what I see, and it does target network connected devices, but it doesn't attack what is currently bounced around as IoT. I suppose if you want to call every network enlightened device out the including ones developed before the IoT of the last couple of years came into existence then okay. I know this is a bit new for the list, but the concept of having embedded or other network controls on devices is not. I'll be interested to see what sort of attack is implemented by this, but this worm attack is more like the Morris attack of years ago than an attack on IoT. That will come, but will have very different symptoms. If you have a wireless controlled remote "cloud" device say a colored LED light bulb, while you are watching TV some nite, loaded and not sure what is going on, your LED light will start changing and putting out fun colors and other patterns, and you will wonder if your latest pot maybe had a bit of acid added to it. Thanks Jim

On 10/23/2016 01:29 AM, Guy Dawson wrote: I contrast NFC and IoT. At least to me, "IoT" implies an Internet-connected device. NFC implies only that there's a device that can communicate wirelessly with nearby devices. Having said that, if one prowls the web for vulnerabilities in, say, DSL modems, it's shocking. Many, if not most, are running some sort of Linux, usually BusyBox (not known for its security). There are millions of the things out there, many with telnet enabled and still with the default password. The ISPs who distribute these things usually view them as "black boxes" and apparently have little interest in security. Whether or not some malefactor can hack a Carrier or Trane connected thermostat is something that I've not researched. --Chuck

On 24/10/2016 06:05, Alexandre Souza wrote: The problem is the 'average consumer' isn't going to bother with that. They'll just wire up their IoT devices, for convenience sake, and leave it to do its thing. Unfortunately the number of people who will do this far outweigh the people who know what they're doing. Alexis

Nevertheless, most IoT devices only talk (outgoing) to some server in some cloud, and are reasonably safe, at least until the server is attacked.

-----Original Message----- From: cctalk [mailto:cctalk-bounces at classiccmp.org] On Behalf Of Alexandre Souza Sent: 23 October 2016 20:36 To: General Discussion: On-Topic and Off-Topic Posts <cctalk at classiccmp.org> Subject: Re: Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this A good linux machine running a firewall wouldn't make all of this work flawlessly?