On 23/10/2016 20:41, Alexis Kotlowy wrote:
On 24/10/2016 06:05, Alexandre Souza wrote:
A good linux machine running a firewall
wouldn't make all of this
work flawlessly?
The problem is the 'average consumer' isn't going to bother with that.
They'll just wire up their IoT devices, for convenience sake, and leave
it to do its thing.
True, but for many devices it's irrelevant because you can't easily get
to them from the internet. Some security cameras are an obvious
exception, along with other things you might connect to directly while
"out and about" - things you have to set up "port forwarding" for.
Nevertheless, most IoT devices only talk (outgoing) to some server in
some cloud, and are reasonably safe, at least until the server is
attacked. That's true of my thermostats and central heating control,
for example, and you won't easily get to them over my wifi because they
use almost-random 30-character keys. Attackers go for the low-hanging
fruit.
Unfortunately the number of people who will do this
far outweigh the people who know what they're doing.
Also true :-( And that applies as much to many manufacturers as to end
users. Two of my above-mentioned thermostats were originally limited to
an 8-character alphanumeric key, until I made a fuss about WiFi Alliance
standards.
As for modems/routers, over here (UK) the ISPs tend to go for fairly
random 12-20 character passwords which aren't even obviously related to
the MAC address. Even so, I ignored my ISP's offering in favour of
something a bit more high-end, carefully configured, but I still see an
average of about two connection attempts
a second.
--
Pete
Pete Turnbull