Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
2718 posts

Uber Geek
+1 received by user: 1233

Trusted
Lifetime subscriber

  # 1656700 23-Oct-2016 20:20
Send private message

MikeB4: The IOT devices at home are behind a modem and router do the work there and things should be good. The peas in the freezer and the coffee will be sweet.

 

And the said IoF (Internet of Fail) device talking to your local router using upnp to open a port to the internet. Then services like shodan or other botnets scanning the interwebs and then using the open ports as an attack vector for the DDoS.

 






370 posts

Ultimate Geek
+1 received by user: 85


  # 1656716 23-Oct-2016 21:38
One person supports this post
Send private message

Fred99:

 

Rikkitic:

 

What happens if two toasters start playing tic-tac-toe and plunge the world into nuclear war?

 

 

Burned toast.

 

 

The NetBSD toaster is the only toaster I have ever wanted,

 

 


 
 
 
 


370 posts

Ultimate Geek
+1 received by user: 85


  # 1656721 23-Oct-2016 21:47
Send private message

joker97:

 

cynnicallemon:

 

Classic Red Dwarf.

 

On a darker note, that reminded me of a film from the early 70's called Dark Star. This excellent film should be a reminder that we control (or not control) our own destiny in regards of AI.

 

 

It seems like a paradox to be in control over A.I., if the A has an I then by definition it is in control of itself (and therefore you).

 

 

Why? Humans "gave birth" to it so, like any kid/teen, if we don't nuture it then we will end up with chaos. 

 

It's not the AI itself that I have the problem with so much but, whats behind those minds that create it.


370 posts

Ultimate Geek
+1 received by user: 85


  # 1656722 23-Oct-2016 21:52
Send private message

BarTender:

 

And the said IoF (Internet of Fail) device talking to your local router using upnp to open a port to the internet. Then services like shodan or other botnets scanning the interwebs and then using the open ports as an attack vector for the DDoS.

 

 

UPNP is normally the first thing to get disabled on any router when I configure it, along with SAMBA and other wonderful things that have no need to be on an internet facing device.

 

 


951 posts

Ultimate Geek
+1 received by user: 311

Trusted

  # 1656723 23-Oct-2016 21:56
Send private message

gzt: The internet of things is full of holes.

 

yeh absolutely. poorly written software on a lot of devices. update mechanisims are crap or non existant and people are like well my device works i am not gonna bother updating it. if you have a IoT fridge on a 100mbit ufb connx you can contribute quite a bit to ddosing. 






370 posts

Ultimate Geek
+1 received by user: 85


  # 1656729 23-Oct-2016 22:25
Send private message

darylblake:

 

gzt: The internet of things is full of holes.

 

yeh absolutely. poorly written software on a lot of devices. update mechanisims are crap or non existant and people are like well my device works i am not gonna bother updating it. if you have a IoT fridge on a 100mbit ufb connx you can contribute quite a bit to ddosing. 

 

 


2535 posts

Uber Geek
+1 received by user: 715


  # 1656730 23-Oct-2016 22:31
Send private message

http://waitbutwhy.com/2015/01/artificial-intelligence-revolution-2.html

An excellent discussion piece on why we should REALLY start thinking this through carefully!

 
 
 
 


2718 posts

Uber Geek
+1 received by user: 1233

Trusted
Lifetime subscriber

  # 1656776 24-Oct-2016 07:04
Send private message

cynnicallemon:

BarTender:


And the said IoF (Internet of Fail) device talking to your local router using upnp to open a port to the internet. Then services like shodan or other botnets scanning the interwebs and then using the open ports as an attack vector for the DDoS.



UPNP is normally the first thing to get disabled on any router when I configure it, along with SAMBA and other wonderful things that have no need to be on an internet facing device.


 


You will be part of the 0.01% of the population that disables upnp.
As every IoT device depends on it. All gaming consoles need ports forwarded to game online. The vast majority of people are unable to reconfigure their own router hence why upnp was created.

Solve the upnp problem on ipv4 and don't say ipv6 since in that situation most devices are directly accessible as ipv6 removed the nat and firewall requirement.

Unsecured devices and upnp isn't going anywhere so this is the new world we live in.





370 posts

Ultimate Geek
+1 received by user: 85


  # 1656791 24-Oct-2016 08:51
Send private message

BarTender:
As every IoT device depends on it. All gaming consoles need ports forwarded to game online.

 

Stupidity like this is why we're seeing such an escalation in attacks of late. If this is the "new world we live in" then I will do my best not to subscribe to it.

 

Technology is going at a faster rate than the human mind can adapt to it, at least that's what I think, and something unforeseen will occur somewhere down the track.

 

The whole "smart device" concept is pointing at the human race and saying it's dumb and it's just wrong.

 

Actually, to think about it you might be dumb if you spend $1600 on a "smart" phone which explodes in your trouser pocket and roasts your gonads...


8286 posts

Uber Geek
+1 received by user: 4571


  # 1656804 24-Oct-2016 09:47
Send private message

cynnicallemon:

 

 

 

Technology is going at a faster rate than the human mind can adapt to it, at least that's what I think, and something unforeseen will occur somewhere down the track.

 

 

 

 

I heard a comment from supposed experts the other day, projecting that over the coming decade or so, there will be 50 cyber-security job opportunities available for every qualified applicant.  That usually means that the pay is better than for jobs where there are 50 qualified applicants for every available job.  It may also mean that for every 50 people working in that role, 49 of them won't be adequately qualified.

 

I don't understand enough (or much at all really) about the subject, so just guessing, that as the source code for the malware which was used to compromise the IoT devices then launch the DDOS attack is freely available, then it could be re-written to locate the insecure devices, hack them, get them to broadcast their real IP and info about the device, then force ISPs to cut service to owners of the devices until they've secured them. ISPs wouldn't like it much - they'd need to be forced to act I expect, as customers with insecure devices will get very annoyed.

 

Get notice from ISP - please disconnect or secure your device "gizmobabycam" within 24 hours, or we'll disconnect your internet connection (or limit your upload bandwidth to 10kb/s until your devices are secure).

 

 


3331 posts

Uber Geek
+1 received by user: 1099

Trusted
Lifetime subscriber

  # 1656821 24-Oct-2016 10:29
Send private message

Every time I hear people linking toasters to "smart" or "AI" I think of these:

 

Image result for cylon "toaster"


3082 posts

Uber Geek
+1 received by user: 500

Trusted
Subscriber

  # 1656824 24-Oct-2016 10:36
Send private message

Dratsab:

 

Every time I hear people linking toasters to "smart" or "AI" I think of these:

 

Image result for cylon "toaster"

 

 

No no, those are tea makers. Pure Ceylon Tea is great!


2718 posts

Uber Geek
+1 received by user: 1233

Trusted
Lifetime subscriber

  # 1656872 24-Oct-2016 11:35
Send private message

Fred99: Get notice from ISP - please disconnect or secure your device "gizmobabycam" within 24 hours, or we'll disconnect your internet connection (or limit your upload bandwidth to 10kb/s until your devices are secure).

That will be a very expensive ordeal to deal with. As hand holding potentially tens of thousands of customers can through that will be time consuming and thus expensive.
Aren't ISPs supposed to just be shifting bits. Since now you're talking about port scanning customers and removing or limiting service. That could be interpreted as a privacy breach.





22188 posts

Uber Geek
+1 received by user: 4756

Trusted
Subscriber

  # 1656875 24-Oct-2016 11:41
Send private message

Devices behind a router that cant have incoming connections still connect out to their cloud service to recieve commands. That is how they still work when they are not accessable.

 

I had a quick look at the trashy cheap cameras from the same company that made all the compromised NVR's that are in the news. They use a service called XMeye to be visiable from outside.

 

The communication with that seems pretty basic. There was some cleartext stuff coming back from the cloud, and it seems that any user is able to try to authenticate with the camera via the cloud service just knowing the cameras sequential cloud ID.

 

You can untick the cloud tickbox in the settings, but they still want to communicate with xmeye. Who knows what someone who has either control over that can send back, or what they can send just by going via it as an unauthenticated user?

 

Firewall doesnt do crap when the devices are connecting out to get their own payloads etc.





Richard rich.ms

13967 posts

Uber Geek
+1 received by user: 6727

Trusted
Subscriber

  # 1656936 24-Oct-2016 15:08
Send private message

cynnicallemon:

 

 

 

The NetBSD toaster is the only toaster I have ever wanted,

 

 

 

 

 

 

Can one get fries with that?





Mike
Retired IT Manager. 
The views stated in my posts are my personal views and not that of any other organisation.

 

Using empathy takes no energy and can gain so much. Try it.

 

 


1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20


New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09


ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05


New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35


Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39


TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18


E-scooter share scheme launches in Wellington
Posted 17-Jun-2019 12:34


Anyone can broadcast with Kordia Pop Up TV
Posted 13-Jun-2019 10:51


Volvo and Uber present production vehicle ready for self-driving
Posted 13-Jun-2019 10:47


100,000 customers connected to fibre broadband network through Enable
Posted 13-Jun-2019 10:35


5G uptake even faster than expected
Posted 12-Jun-2019 10:01


Xbox showcases 60 anticipated games
Posted 10-Jun-2019 20:24


Trend Micro Turns Public Hotspots into Secure Networks with WiFi Protection for Mobile Devices
Posted 5-Jun-2019 13:24


Bold UK spinoff for beauty software company Flossie
Posted 2-Jun-2019 14:10


Amazon Introduces Echo Show 5
Posted 1-Jun-2019 15:32



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.