Unsecured Internet of Things gadgets get hacked within 40 minutes of being connected to the net


#1

Originally published at: http://boingboing.net/2016/10/31/unsecured-internet-of-things-g.html


#2

You’re getting slow, old man.


#3

In reality, wouldn’t the hypothetical Internet toaster be online by means of somebody’s router providing wifi? Wouldn’t you first need to hack the router to get access?


#4

I just figured it was more chronal corruption and was about to summon the Press your luck dragon


#5

[quote=“jhbadger, post:3, topic:88480, full:true”]
In reality, wouldn’t the hypothetical Internet toaster be online by means of somebody’s router providing wifi? Wouldn’t you first need to hack the router to get access?[/quote]

Only if it has an internal address on the LAN. If it’s exposed to the public Internet with its own IP address then you don’t need to hack the router first.


#6

su maketoast | spreadbutter


#7

So it’s not long until all these internet-of-things widgets are going to spend most of their cycles hacking each other. This should finally give global warming the push it needs to get off the ground. Is this really the end?


#8

Thank god for IPv6, then.


#9

su maketoast | spreadbutter > mouth
rm crumbs


#10

Did the makers of “Battlestar Galactica” know something when they referred to the robot villains of the show as “toasters”? Is this how it all starts?


#11

is this an alias for “mv crumbs /dev/floor”?


#12

In the interview I heard with the guy on NPR this week, he made just that point, that stuff behind a router are safer (if not always 100% secure).


#13

It depends.

  • Certain devices will ask the router for an outside connection through protocols like UPnP. Not all routers will comply to the request, but a lot of cheap consumer grade ones do.

  • Devices with IPV6 support get a publicly routeable IP by the very nature of the protocol, so if careful firewalling of the services isn’t done, these devices can be exposed.

  • Many “cloud” products are designed around communicating out to servers for their day to day operation. Compromise the company servers, and in turn you can compromise the individual IoT devices.

Aside from those case, yes you are at least “safer” with the devices behind a router.


#14

This topic was automatically closed after 5 days. New replies are no longer allowed.