back to article Boffins find hundreds of thousands of woefully insecure IoT devices

More than 140,000 internet-of-things devices, from routers to CCTV systems contain zero-day vulnerabilities, backdoors, hard coded crackable passwords and blurted private keys, according to the first large scale analysis of firmware in embedded devices. Four researchers from EURECOM France found the flaws when conducting a …

  1. Anonymous Coward
    Anonymous Coward

    >internet-of-things devices, from routers to CCTV systems contain

    Since when did routers and IP CCTV cameras become "IoT" devices?

    1. VinceH

      "Since when did routers and IP CCTV cameras become "IoT" devices?"

      They're "things" and they're connected to networks/the internet - just like your computer.

      Which is why IoT is such a stupid term.

  2. Nate Amsden

    just wait

    till we get this "smart grid" bullshit, it will make these security bugs look like I don't know pretty trivial by comparison.

  3. John Smith 19 Gold badge
    Unhappy

    The IoT. All the s**t development practices of the real internet

    baked into potentially life threatening hardware.

    How could a fellow possibly resist signing up for such a delightful package?

    And remember this is a small team with limited resources just trying to prove a point.

    Think what happens when someone decides to do it for the money.

    "Dear Siemens/Hotpoint/Zanussi unless the sum of 10 euros per machine is paid to us we will use the security flaws we have discovered in your appliances to destroy or disable them permanently.

    A hacker collective."

    Welcome to the future.

    1. Stevie Silver badge

      Re: The IoT. All the s**t development practices of the real internet

      All your lightbulb are belong to us.

      1. John Smith 19 Gold badge
        Unhappy

        "All your lightbulb are belong to us."

        Exactly*

        *Note I'm not advocating anyone do this, merely that if the IoT expands without security, privacy and access control built into the architecture of the products (and their controllers) this is simply inevitable given human greed.

        It'll just be (to some) another money making opportunity.

  4. Sanctimonious Prick
    Coat

    Minimum

    What is the absolute minimum number to be considered to be in the hundreds of thousands? :D

    1. QuietLeni

      Re: Minimum

      200,000? Literally?

      1. John G Imrie
        Headmaster

        Surly...

        200,001 as he asked for in the hundreds of thousands, not on the boarder of hundreds of thousands.

        Icon chosen as it's the only pedant available.

        1. QuietLeni
          Headmaster

          Re: Surly... (or Surely?)

          Hmm. He did ask for the absolute minimum number. There are two "one-hundred thousands" in 200,000, thereby satisfying the criteria and 200,001 is more than the absolution minimum.

    2. Trigonoceps occipitalis

      Re: Minimum

      one and a half cup?

      one and a half cups?

      Ergo the minmum is 100,101

      (For those more pedantic than me, 100,100.001 - insert as many "0" after the decimal point as you like.)

  5. Anonymous Coward
    Anonymous Coward

    hmm

    not so much "contraptions" as "compcraptions"

  6. -tim

    Internet of Things?

    Maybe something more along the lines of Internet Devices ____ of Things would be more appropriate?

  7. Eddy Ito

    Once again proving that consumer grade kit isn't worth the hardware it's built from and I'd wager some "commercial grade" kit is just the same thing with a higher price. It's also why I keep a virtual BSD firewall on my laptop for when I'm traveling and don't know what kit I may need to connect through at the hotel or company I'm at.

  8. 4ecks

    I refer to my previous post exactly 1 year ago....

    http://forums.theregister.co.uk/forum/1/2011/08/18/linux_kernel_long_term_support/

    Doesn't allow for the stupidity of hard-coded passwords though!

  9. Stevie Silver badge

    Bah!

    Oh my god I did not see that coming (through my needlessly internet connected binoculars).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020