Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this
Electronics Plus
sales at elecplus.com
Sun Oct 23 16:34:39 CDT 2016
In 2011 Barnaby Jack warned of insulin pump attacks (https://en.wikipedia.org/wiki/Barnaby_Jack) yet in 2016 J&J had to warn their customers that they were vulnerable to attack (https://www.techdirt.com/articles/20161004/06242635699/johnson-johnson-warns-insulin-pump-owners-they-could-be-killed-hackers.shtml). When are companies going to get compliant with security?
-----Original Message-----
From: cctalk [mailto:cctalk-bounces at classiccmp.org] On Behalf Of Alexandre Souza
Sent: Sunday, October 23, 2016 2:36 PM
To: General Discussion: On-Topic and Off-Topic Posts
Subject: Re: Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this
A good linux machine running a firewall wouldn't make all of this work flawlessly?
2016-10-23 17:31 GMT-02:00 Chuck Guzis <cclist at sydex.com>:
> On 10/23/2016 01:29 AM, Guy Dawson wrote:
> > It's not so much an attack on IoT as with IoT. The worm's ( assuming
> > a compromised IoT device is used to compromise others - I'm not sure
> > about this) job is to make IoT devices available to a control system
> > so that IoT devices can be used to generate the loads needed in DDOS
> > attacks.
> >
> > The attackers would rather you did not know your IoT devices were
> > compromised as that way you'll leave them connected to the Internet
> > and under their control.
>
> I contrast NFC and IoT. At least to me, "IoT" implies an
> Internet-connected device. NFC implies only that there's a device
> that can communicate wirelessly with nearby devices.
>
> Having said that, if one prowls the web for vulnerabilities in, say,
> DSL modems, it's shocking. Many, if not most, are running some sort
> of Linux, usually BusyBox (not known for its security). There are
> millions of the things out there, many with telnet enabled and still
> with the default password. The ISPs who distribute these things
> usually view them as "black boxes" and apparently have little interest in security.
>
> Whether or not some malefactor can hack a Carrier or Trane connected
> thermostat is something that I've not researched.
>
> --Chuck
>
More information about the cctalk
mailing list