>internet-of-things devices, from routers to CCTV systems contain
Since when did routers and IP CCTV cameras become "IoT" devices?
More than 140,000 internet-of-things devices, from routers to CCTV systems contain zero-day vulnerabilities, backdoors, hard coded crackable passwords and blurted private keys, according to the first large scale analysis of firmware in embedded devices. Four researchers from EURECOM France found the flaws when conducting a …
baked into potentially life threatening hardware.
How could a fellow possibly resist signing up for such a delightful package?
And remember this is a small team with limited resources just trying to prove a point.
Think what happens when someone decides to do it for the money.
"Dear Siemens/Hotpoint/Zanussi unless the sum of 10 euros per machine is paid to us we will use the security flaws we have discovered in your appliances to destroy or disable them permanently.
A hacker collective."
Welcome to the future.
*Note I'm not advocating anyone do this, merely that if the IoT expands without security, privacy and access control built into the architecture of the products (and their controllers) this is simply inevitable given human greed.
It'll just be (to some) another money making opportunity.
Once again proving that consumer grade kit isn't worth the hardware it's built from and I'd wager some "commercial grade" kit is just the same thing with a higher price. It's also why I keep a virtual BSD firewall on my laptop for when I'm traveling and don't know what kit I may need to connect through at the hotel or company I'm at.
Biting the hand that feeds IT © 1998–2020