Unsecured Internet of Things gadgets get hacked within 40 minutes of being connected to the net

doctorow · October 31, 2016, 6:30pm

Originally published at: http://boingboing.net/2016/10/31/unsecured-internet-of-things-g.html

…

Nelsie · October 31, 2016, 6:54pm

jhbadger · October 31, 2016, 7:00pm

In reality, wouldn’t the hypothetical Internet toaster be online by means of somebody’s router providing wifi? Wouldn’t you first need to hack the router to get access?

anon26304152 · October 31, 2016, 7:04pm

I just figured it was more chronal corruption and was about to summon the Press your luck dragon

gracchus · October 31, 2016, 7:27pm

[quote=“jhbadger, post:3, topic:88480, full:true”]
In reality, wouldn’t the hypothetical Internet toaster be online by means of somebody’s router providing wifi? Wouldn’t you first need to hack the router to get access?[/quote]

Only if it has an internal address on the LAN. If it’s exposed to the public Internet with its own IP address then you don’t need to hack the router first.

redesigned · October 31, 2016, 8:28pm

su maketoast | spreadbutter

GyroMagician · October 31, 2016, 9:33pm

So it’s not long until all these internet-of-things widgets are going to spend most of their cycles hacking each other. This should finally give global warming the push it needs to get off the ground. Is this really the end?

jackbird · October 31, 2016, 11:50pm

Thank god for IPv6, then.

McGreens · November 1, 2016, 2:32pm

su maketoast | spreadbutter > mouth
rm crumbs

angusm · November 1, 2016, 8:47pm

Did the makers of “Battlestar Galactica” know something when they referred to the robot villains of the show as “toasters”? Is this how it all starts?

renke · November 2, 2016, 10:28am

is this an alias for “mv crumbs /dev/floor”?

anon61221983 · November 2, 2016, 9:26pm

In the interview I heard with the guy on NPR this week, he made just that point, that stuff behind a router are safer (if not always 100% secure).

anon35475645 · November 2, 2016, 11:03pm

It depends.

Certain devices will ask the router for an outside connection through protocols like UPnP. Not all routers will comply to the request, but a lot of cheap consumer grade ones do.
Devices with IPV6 support get a publicly routeable IP by the very nature of the protocol, so if careful firewalling of the services isn’t done, these devices can be exposed.
Many “cloud” products are designed around communicating out to servers for their day to day operation. Compromise the company servers, and in turn you can compromise the individual IoT devices.

Aside from those case, yes you are at least “safer” with the devices behind a router.

doctorow · November 5, 2016, 6:31pm

This topic was automatically closed after 5 days. New replies are no longer allowed.

Topic		Replies	Views
Insecure internet-connected "honeypot" toaster hacked within an hour boing	27	3400	November 2, 2016
Crapgadget apocalypse: the IoT devices that punch through your firewall and expose your network boing	19	2509	March 5, 2016
Juniper's products are still backdoored; more evidence that the company was complicit boing	24	3279	January 13, 2016
Internet-destroying outages were caused by "amateurish" IoT malware boing	48	5170	October 27, 2016
Your next DDoS attack, brought to you courtesy of the IoT boing	29	2876	October 6, 2016

Unsecured Internet of Things gadgets get hacked within 40 minutes of being connected to the net

Related topics