Internet-destroying outages were caused by "amateurish" IoT malware


#1

Originally published at: http://boingboing.net/2016/10/22/yesterdays-internet-destroyi.html


A WiFi camera that makes home and office security a bargain
#2

This is why we can’t have nice IoTs.


#3

Nearly everything I do relies on the internet in one way or another. Still I hope this dumpster fire burns long and hard. I hope it will help people get a better feel for how important the internet and the surrounding legislation is.

My only fear is that the coming legislation will be as clumsy, short sighted and useless as the European cookie laws.

Edit: and with a bit of luck it will even motivate us to start working on some much needed decentralization!


#4

Just a taste of the future, I’m afraid. Just wait until your IoT fridge holds your food hostage unless you fork-over some bitcoin.


#5

That’s when my IoT fridge will meet my absolutely-not-IoT sawzall or angle grinder. Brute force works in real life, too.

Seriously, though: I can barely find any IoT devices that make any degree of sense to me at all. My light bulbs don’t need wifi. My tea kettle doesn’t need wifi. Are there that many people that believe otherwise?
Apparently there are, given the (growing) size of that industry.


#6

The US power grid is important too, so of course it’s robust, secure and technologically advanced.


#7

Those labelling this as ‘clumsy and amateurish’ can easily fix it then, right?


#8

A bit scary in the sense that if your fridge communicated with your CCTV system and your answer machine, mobile’s and e-mails it could work out that your daughter would be home for the weekend and order extra milk and juice cos you’d need it.

Possibly notice the onset of the dreaded middle age spread and only order diet stuff and those spreads pertaining to lower cholesterol instead of your favourite butter.

Depends on how the software works and if algorithms to monitor behaviour etc are written in, can you imagine your fridge saying ‘Good morning podgy’ to you?

Just imagine the equivalent of the ‘Talkie Toaster’ from Red Dwarf in your kitchen, It’d drive you nuts.

If Steven Hawking is correct and AI could be dangerous if given too much control over what effects us, would you want one or more in your house?

No frikkin way, I prefer on a cold day to put the gas fire on for ten minutes while the heating gets up to speed, not come home to a light show cos someone’s hacked into the system and my freezers defrosted.

No thanks HAL!


#9

“Quantity has a quality all its own.”


#10

Yeah, Hal2000 is one of the most far-sighted characters in history.


#11

It’s actually nearsighted:

But the wide angle is advantageous.


#12

Just waiting for the professional IoT malware… :neutral_face:


#13

Sure they can. Consulting rates start around $1000 - $1500 per day.

Why do these stories not include a list of devices known to be vulnerable? I’m not talking about some Chinese white label manufacturer, but the brand and model those reference designs are sold under. Do these security researchers not want people like me that have IoT things on my LAN to fix the problem? Where’s the Krebs Approved LAN scanner that will help me detect these devices?

IoT devices might be amateurish and clumsy, but so is the reporting around internet security.


#14

“Open the refrigerator doors please Hal.”

“I’m afraid I can’t do that Dave. You’re on a diet. This conversation no longer serves a purpose. Goodbye Dave”

"Haaaaaallll!!

Edit: autocorrect error from my “smart” device fixed.


#15

As someone who likes the idea of the HUE bulbs and changing the color (or whatever you wanna call it) based on time of day is pretty cool… however it should not be connected to anything outside the house.


#16

You can murder someone in a clumsy and amateurish way with a gun you can barely load, but they’re still dead.

I think the point is that the existence of a hundred zillion unsecured thermostats means that the clumsy and amateurish can still melt down the internet on a whim, never mind the adept and skillful.


#17

The consumer electronics industry has a long history of resisting good sense.

My friend’s hue system is neato, but nowhere near worth opening up my house to attack.

The IoT is staying out of my place as long as possible!


#18

So, when is the recall of these defective and potentially deadly products?


#19

Somehow, the industry came to believe that the best way for these devices to communicate was not through some peer to peer scheme, but by using a server outside your local network to mediate communications.

I suppose this solves some problems associated with using a mobile phone to control things, but it also provides a convenient site for a tollbooth, should some interested party wish to exploit this.


#20

Maybe having a refrigerator connected to the internet isn’t so great after all.