back to article DARPA to geeks: Weaponize your toasters … for America!

The US Military Defense Advanced Research Projects Agency (DARPA) is asking the American public to put on its collective black hat and find new ways to turn everyday technology into weapons of online destruction. Uncle Sam's hacker hut said that its new project, dubbed Improv, would seek to uncover new ways in which everyday …

Page:

  1. allthecoolshortnamesweretaken

    Isn't IoT gear dangerous enough already?

    1. ecofeco Silver badge

      Right?

      I really don't understand the purpose of this DARPA project. I mean why don't they do what everyone else does and just contract it out to some overseas country whose name(s) shall remain anonymous for now and get the same results results everyone gets? A shit product that is already vulnerable.

      I'm shocked that DARPA is this behind the times.

  2. gerdesj Silver badge

    Only in the Land of the free

    Unfortunately us Brits won't be able to join in with our special friends. I think we will fall afoul of the Computer Misuse Act off of 1990. I wonder if the US has anything similar?

    The basic idea as presented here second hand (probably third), is a fair one if you are patriotically motivated, provided you want to assist "DARPA's mission is to create strategic surprise" whatever that means.

    Mind you, given the sheer number of router manufacturers who have recently 'fessed up to hard coded credentials (Cisco, Juniper, D-Link, Fortinet - non exhaustive list) that mysteriously wormed into their firmwares why not? There are clearly a lot of bad actors out there.

    1. Lysenko

      Computer Misuse Act off of 1990...

      The CMA only covers malicious meddling with other people's property. It doesn't stop you devising attack vectors against gadgets any more than the illegality of burglary prevents you from designing lock picking tools.

      The point of the act is to stop self certified "white hat" researchers walking up to random strangers front doors and breaking in without permission, claiming it is necessary in order to demonstrate that Yale locks have security vulnerabilities.

      Buy your own damn lock to play with and get the hell off my lawn!

      1. Steve Davies 3 Silver badge

        Re: Computer Misuse Act off of 1990...

        Agreed. However that hasn't stopped MS from messing with your settings as part of their patching of that Windows 10 mess thay call an operating system now has it.

        1. Lysenko

          MS from messing with your settings

          Caveat: We're discussing a law here. Judges opinions matter. Privacy warriors - not so much.

          MS probably have permission if you dredge through the EULA in enough detail and apply relevant precedents. You cannot generally get out of a license/contract on the basis that you couldn't be bothered reading it and/or obtaining relevant legal advice about the implications. If you've got an active copy of Win10 then at some point you took positive action to assent to the EULA. Same applies to Android (which I suspect is a bigger privacy hole in any case).

          That's a completely different kettle of fish to something like port scanning, which is essentially the same as walking down a public street trying all the car door handles. Telling plod you're doing legitimate research into automotive security isn't going to get you out of a trip to the station.

          1. John Brown (no body) Silver badge

            Re: MS from messing with your settings

            "you took positive action to assent to the EULA."

            The EULA may or may not have any force in regards to this. A EULA cannot trump law in the UK. You can't sign away your legal rights in these cases. It's notable that whenever a EULA is challenged it always seems to end up with an out of court settlement so as not to risk any legal precedents,being set by a judge. These companies know their EULA is probably not enforcible and rely on scare tactics for the majority and paying off anyone with the resources to actually challenge it.

  3. Anonymous Coward
    Anonymous Coward

    side tracked nostalgia

    Ah L0pht not heard of that in years, I remember a friend of mine using it in hacking our school RM server to download the full usernames and password database file. Good times.

  4. Sorry that handle is already taken. Silver badge

    Toasters

    If I can get one of these, I will be happy.

    1. allthecoolshortnamesweretaken

      Re: Toasters

      Well, howdy-doodely-doo!

      1. Warm Braw Silver badge

        Re: Toasters

        If you look at an an intelligent toaster done properly you can see how the IoT crowd just don't get it.

        1. Bob Rocket
          Pint

          Re: Toasters

          That is the most awesome toaster I've ever seen

          https://www.youtube.com/watch?v=lQ3RAQ8cW2w

          have one on me ->

          1. Christian Berger

            Re: Toasters

            Then of course there's this:

            https://www.youtube.com/watch?v=bpGLpD25dpU

      2. Haku

        @allthecoolshortnamesweretaken

        Little known fact, Talkie Toaster is infact an incarnation of Box, a portable handheld supercomputer from the earlier BBC TV show Star Cops.

        Animated gif of Box

        1. allthecoolshortnamesweretaken

          Re: @Haku

          Thanks! I never knew that. Been some time since I've watched Star Cops... what were they thinking? Although, a remake with a proper budget and state of the art CGI could be interesting.

  5. Anonymous Coward
    Anonymous Coward

    But surely ...

    ,,, they are already have been "weaponised" to spy upon "The Enemy Within" ?

  6. Anonymous Coward
    Anonymous Coward

    "DARPA's mission is to create strategic surprise"

    Errrr...no, it isn't. DARPA's mission is to burn through about $3bn a year (possibly a lot more on the various skunk projects) trying to develop yet more toys for the peevish children running the Pentagon. And that's because the Pentagon aren't satisfied with spending more on "defence" than the next eight biggest spending nations combined.

    I suppose DARPA's 3bn is drop in the ocean of US total defence spending of around half a trillion dollars a year, but even so, it is an intriguing exercise to imagine the good things that the US could achieve if it spent rather more on improving lives rather than forcibly ending them.

    1. allthecoolshortnamesweretaken
      Pint

      Re: "DARPA's mission is to create strategic surprise"

      Best description (or is it an evaluation?) of the Pentagon and it's machinations ever. Cheers!

    2. Christoph

      Re: "DARPA's mission is to create strategic surprise"

      Well, it isn't all spent on that. The main purpose is of course gigantic profits for the arms firms. But there's also the massive payoffs to make sure that the politicians keep voting them the funds, the attacks on anyone who objects, and of course the critically important bribes and propaganda to make sure that there's always at least one war somewhere to test out the new toys, to use them up so that replacements have to be bought, and to show the public that all that defence money really is needed.

      1. Anonymous Coward
        Anonymous Coward

        Re: "DARPA's mission is to create strategic surprise"

        So, basically, the US defense industry is a way to increase the velocity of money to counteract the way that the rich are trying to reduce it.

        As Bernie Sanders points out, you could get exactly the same effect by giving the money to middle and low income people.

        It would be interesting to imagine what would happen if the US (and the UK) suddenly stopped spending all money on "defence" (other then civil emergency provision). Would we get invaded? Would we be economically better off even if we pensioned off all the Armed Forces? Would people like Liam Fox be begging on the streets?

        1. Vic

          Re: "DARPA's mission is to create strategic surprise"

          Would people like Liam Fox be begging on the streets?

          ohpleaseohpleaseohpleaseohpleaseohplease

          Vic.

        2. allthecoolshortnamesweretaken

          Re: "DARPA's mission is to create strategic surprise" / Voyna i Mor

          Yes. Canada would team up with Mexico, Cuba and North Korea and invade the USA right away, obviously. Just like in Red Dawn

    3. ecofeco Silver badge

      Re: "DARPA's mission is to create strategic surprise"

      Going a little farther off topic, that $4 trillion spent of the 10 year war would have rebuilt a lot of infrastructure and provide a lot of local jobs.

      But it pales in comparison to the $26 trillion given to Wall St as a reward for their failure.

      At least DARPA produces things we all can eventually use. Wall St? Not so much. The last security derivative I used was fit only for toilet paper. Literally.

  7. Allan George Dyer Silver badge
    Joke

    How about...

    i) Many homes have a supply of combustible gas that can used in arson attacks.

    ii) Most homes have a moderately high voltage electrical supply that can be used for electrocution or triggering arson attacks.

    iii) Hey, look, there's half a brick here, you could use it as a blunt instrument for violent assaults...

    What? it said NEW? Damn, I was on a roll...

    Don't forget, wooden clogs can be thrown or dropped into moving machinery, for the original sabotage.

    1. Anonymous Coward
      Anonymous Coward

      Re: How about..."Most homes have a moderately high voltage electrical supply "

      Pedant note: Just about all British homes have a low voltage electricity supply. Low voltage is anything with a peak between conductors < 1500V, i.e. about 1000VAC, according to the IEC and the BSi implementation of IEC standards.

      The US is of course different from the rest of the world, but US houses are still not high voltage within the US definition.

  8. Fruit and Nutcase Silver badge
    Coat

    Fire!

    With reference to the current Tumble Dryer recall, I think the required engineering is already there with some classes of domestic appliances - just need to be able to get them to go into self-destruct mode at command.

    Which appliances caused the most fires?

    14% washing machines (1,723)

    12% tumble dryers (1,456)

    11% dishwashers (1,324)

    9% cookers (1,080)

    7% fridges / freezers (861)

    5% central heating (606)

    4% toasters / grills (495)

    4% microwaves (427)

    3% TVs (372)

    2% washer dryers (225)

    1% irons (92)

    (Proportion and number of fires caused by faulty appliances between January 2011 and March 2014 based on government fire data.)

    Source: Which?

    ref: http://www.bbc.co.uk/news/uk-33124925

    Tumble Dryer recall

    http://www.bbc.co.uk/news/business-34901765

    1. Destroy All Monsters Silver badge

      Re: Fire!

      Big Data in action!

  9. Anonymous Coward
    Anonymous Coward

    Seems arse about face

    Since it seems likely that the US will be at least one of the fastest adopters of IoT gadgets, wouldn't DARPA be serving US interests better by finding innovative ways of de-weaponising them? ISTM that any "strategic surprise" from IoT devices running amok is likely to be most keenly experienced by the US.

    1. Steve Davies 3 Silver badge

      Re: Seems arse about face

      I could just imagine the fun that the Monty Pyhon team would have had with

      'Flying Toast as weapons of mass destruction'.

      Just the job for a really foggy morning here in this part of Blighty.

      1. Dave 126 Silver badge

        Re: Seems arse about face

        >I could just imagine the fun that the Monty Pyhon team would have had with 'Flying Toast as weapons of mass destruction'.

        Spike Milligan had already beaten them to it with the "The Jet-Propelled Guided NAAFI" episode of the Goon Show. (A NAAFI in this context was a canteen run by the Navy Army Air Force Institute for the benefit of British military personnel.)

        Good Heavens, Sir! It's a plan of a new Guided NAAFI! A self-contained missile capable of carrying eighty-two staff, ten NAAFI pianos, sixty thousand gallons of tea and twelve tons of buttered crumpets, being shot six thousand miles up and set fully operative at the point of impact in sixteen seconds. It sounds quite impossible.

        The good thing about radio comedy is that the special effects budged is unlimited!

        http://www.thegoonshow.net/scripts_show.asp?title=s06e19_the_jet_propelled_guided_naafi

        EDIT: Audio here: https://www.youtube.com/watch?v=rwSQ0CBQuA0 Enjoy!

    2. allthecoolshortnamesweretaken

      Re: Seems arse about face

      Cue Jack Ramsay...

    3. choleric

      Re: Seems arse about face

      Nope. DARPA are the red team in this exercise.

      War 101: "Know your enemy."

      Absolute genius. Douglas Adams couldn't have done it better. "It turned out that the ultimate weapon of global destruction was not the nuclear bomb but the humble toaster. The world ended shortly after 7.30am on a Thursday as the world's toasters burned their owners to a crunchy crisp."

  10. jake Silver badge

    Sorry, DARPA

    Those of us with a clue don't work on consumer goods anymore.

    The consumer situation is so sad that it's just not worth it.

    Management & marketing took all the fun out of hacking.

    1. Dave 126 Silver badge

      Re: Sorry, DARPA

      >Sorry, DARPA. Those of us with a clue don't work on consumer goods anymore.

      I'm sure they will be inconsolable.

      Seriously though, it makes no odds to me if I'm blown up by explosives derived from fertiliser or by those from a military supply chain. The results are the same if the timer used is purpose-made, or constructed from a cheap digital wristwatch.

      1. Michael Wojcik Silver badge

        Re: Sorry, DARPA

        The results are the same if the timer used is purpose-made, or constructed from a cheap digital wristwatch.

        Humph. The results may be the same, but in my day, a gentleman endeavored to perish with some style.

  11. Mephistro
    Devil

    "(DARPA) is asking the American public to put on its collective black hat and find new ways to turn everyday technology into weapons of online destruction."

    The American public? They would be better off asking the PRC!.

    Seriously now, how can these fuckwits expect such actions not to bite their arses in a near future?

    Idiocracy, the documentary, coming soon to your screens. Sigh.

    1. ecofeco Silver badge

      Why does everyone think Idiocracy is both fiction and a future scenario when it is actually a current documentary?

  12. Anonymous Coward
    Anonymous Coward

    DARPA is asking researchers, hobbyists and industry vendors to hack away at embedded devices and consumer technology in hopes of finding possible avenues of attack everyone capable of this type of hacking.

    FTFY

    1. Steve Davies 3 Silver badge

      But... Different rules apply here

      you seem to forget that DARPA operates in the universe of $500 Lump hammers.

      Ironically a perfect solution to the problem if wayward Toasters (and other hacked Domestic Appliances)

    2. Chris G Silver badge

      Gone Phishing

      Exactly my thoughts, a nationwide phishing expedition, you may find Darpa's assistance for you involves a 'lab' in Cuba.

      1. Mike 16 Silver badge

        Re: Gone Phishing

        The "Submit a proposal, win a free ticket to Cuba" (but not the part with the music and Pina Coladas) was exactly the first thing that crossed my mind. OTOH, the very obviousness of it leads to thought about how spam is carefully larded with typos and preposterous claims to filter out recipients with a clue. Now the hard part is to fill in the result:

        a) People who think about freelance McGyvering

        b) People who have some interesting ideas

        c) People dumb enough to tip their hands.

        What method finds the ((a & b) & !c) folks? Do they review your extant publications (or github profile) and if you _don't _ submit a proposal, send in the drones?

  13. Marcus Fil

    And over at MI6

    Now pay attention 007 there have been some changes since your enforced stay at the STD clinic. Double oh agents are no longer being sent into the field since this costs the British taxpayer too much in air tickets, casino chips and written off Aston Martins. We are now using the IOT for assassinations. Since you retain your licence to kill it will be your job to click on 'okay' the moment Agent Vrokoff steps into her power shower. There is a spare terminal in the filing cupboard.

    1. Anonymous Coward
      Anonymous Coward

      Re: And over at MI6

      "it will be your job to click on 'okay' the moment Agent Vrokoff steps into her power shower."

      Upvoted for knowledge of soundshift of Russian В, but in the real world nobody blows up women secret agents - they just get sent back to Moscow and become TV presenters.

      1. This post has been deleted by its author

        1. ecofeco Silver badge

          Re: And over at MI6

          Well it IS a modern world after all, init?

  14. Daniel B.

    Ask Berkeley Systems

    They might bring up Flying Toasters!

    1. allthecoolshortnamesweretaken

      Re: Ask Berkeley Systems

      I actually bought that way back when. In a shop. On a floppy disk, in a neat cardboard box, with a printed manual and some goodies. I still have the cheap biro that came with it... pink, with lots of flying toasters on it...

      Now get off my lawn!

  15. Anonymous Coward
    Anonymous Coward

    Anyone with an IoT toaster deserves to never experience the sweet taste of a perfectly toasted crumpet that is only beaten by the bacon sandwich in the realms of breakfast food par excellence.

    I like this though,

    Uncle Sam's hacker hut said that its new project, dubbed Improv, would seek to uncover new ways in which everyday technology could be compromised in order to present a security threat.

    At first I thought it should be prevent but then I remembered it's DARPA...

  16. Hey Nonny Nonny Mouse

    Have they told the FCC?

    Unless of course all the toasters are conected to a wired network won't this lead them into illegality following the recent FCC ruling that firmware in wireless capable devices cannot be modifiable?

  17. Mystic Megabyte
    Mushroom

    Why?

    Number 6 had the right idea!

    https://www.youtube.com/watch?v=ljGH07Unfe8

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021