A year later, no action from Chinese company whose insecure PVRs threaten all internet users


#1

Originally published at: http://boingboing.net/2017/04/08/limits-of-responsible-disclosu.html


#2

Oh noes! Click, restore.


#3

I wonder if someone could write code to self destruct these botnets and take them all offline


#4

ding

Regrettably illegal, but still, useful and funny.
(Providing you yourself don’t own any of the crapware in question.)


#5

You presume they are not raking in a percentage of the take or are simply the ones behind the attacks as well.

What better way to get control than to provide the hardware and software and thus control the “keys” to it and prevent security holes from being fixed?

Sometimes it is better to assume malice as opposed to stupidity…

(Opinion only, not a statement of facts regarding any company or persons.))


#6

I would definitely be all for someone nuking these shitty iot into oblivion


#7

Given that(for the moment) the only vulnerability it attempts to exploit is brute-forcing credentials over telnet; this one is a mercy killing.


#8

Natural selection in action.


#9

I’m not surprised that a white labeled Chinese company hasn’t taken security seriously although you would hope that their customers (major electronics vendors) wouldn’t want their PVRs to become part of an army of botnets.

Mirai has taken down major sites, even a major DNS, and launched a large attack at a college.


#10

This topic was automatically closed after 5 days. New replies are no longer allowed.