Posts: 1,402
Threads: 17
Joined: May 2016
#IOT OK, it's one of the latest fads. Yeah, it's right up there with mood rings and pet rocks wrt actual utility.
It's also the hotbed of "all your appliances are, belong to us. - H3x0rs"
https://www.weforum.org/agenda/2016/10/h...berattacks
http://www.securityweek.com/over-500000-...rai-botnet
Telnet is evil, man.
---Value Added
Posts: 1,216
Threads: 29
Joined: May 2016
I bet you want us to get off your lawn, too, old man?
#MakeTheDemocratsGreatAgain
Posts: 54
Threads: 0
Joined: Jul 2016
(10-17-2016, 11:56 PM)Ragnarök_62 Wrote: #IOT OK, it's one of the latest fads. Yeah, it's right up there with mood rings and pet rocks wrt actual utility.
It's also the hotbed of "all your appliances are, belong to us. - H3x0rs"
https://www.weforum.org/agenda/2016/10/h...berattacks
http://www.securityweek.com/over-500000-...rai-botnet
Telnet is evil, man.
Yep, and those new devices tend to be a lot more judicious with their network traffic. I run Wireshark on my home network every so often just to make sure nothing has transformed into the walking dead and the most active "talker" on my network is the fucking Roku player. Why it believes it needs to send out an ARP request every 15 seconds (literally just making SURE it should STILL be using the same IP address) I just don't know. If I had to guess it's just laziness in the programming or the simplicity of the operating system running a dumb device that is expected to be online at all times, no questions asked (But mah Netflix isn't streaming fast enough!). Compromising those devices will be manna from heaven.
Like everything else though, the shit show will be fun to watch.
The single despot stands out in the face of all men, and says: I am the State: My will is law: I am your master: I take the responsibility of my acts: The only arbiter I acknowledge is the sword: If any one denies my right, let him try conclusions with me. -- Lysander Spooner
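The check described in the post above (finding the most active ARP "talker" on a home network), as an added example that is not part of the thread. It assumes the capture was exported as text with `tcpdump -tt -n arp`; the sample lines are constructed, and the function names and thresholds are hypothetical.

```python
import re
from collections import defaultdict
from statistics import median

# Constructed sample in `tcpdump -tt -n arp` text format (not a real capture).
SAMPLE = """\
1477000000.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.50, length 28
1477000000.000400 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28
1477000015.010000 ARP, Request who-has 192.168.1.1 tell 192.168.1.50, length 28
1477000030.020000 ARP, Request who-has 192.168.1.1 tell 192.168.1.50, length 28
1477000041.500000 ARP, Request who-has 192.168.1.1 tell 192.168.1.20, length 28
1477000045.030000 ARP, Request who-has 192.168.1.1 tell 192.168.1.50, length 28
1477000060.040000 ARP, Request who-has 192.168.1.1 tell 192.168.1.50, length 28
1477000941.700000 ARP, Request who-has 192.168.1.1 tell 192.168.1.20, length 28
"""

# Only requests are counted; replies and non-ARP lines are ignored.
REQ = re.compile(r"^(\d+\.\d+) ARP, Request who-has ([\d.]+) tell ([\d.]+), length \d+")

def arp_talkers(text):
    """Group ARP request timestamps by the sender ('tell') address."""
    seen = defaultdict(list)
    for line in text.splitlines():
        m = REQ.match(line)
        if m:
            seen[m.group(3)].append(float(m.group(1)))
    return seen

def chatty(text, max_interval=60.0, min_requests=4):
    """Senders whose median gap between requests is at most max_interval seconds.

    min_requests keeps a host with only a couple of requests from being
    flagged on the strength of a single short gap.
    """
    report = {}
    for sender, stamps in arp_talkers(text).items():
        if len(stamps) < min_requests:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        med = median(gaps)
        if med <= max_interval:
            report[sender] = {"requests": len(stamps), "median_gap_s": round(med, 1)}
    return report

if __name__ == "__main__":
    for sender, stats in chatty(SAMPLE).items():
        print(sender, stats)
```

A sender that shows up here is only a candidate for a closer look in the full capture; a steady interval on its own says nothing about whether the device is compromised.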
Posts: 1,402
Threads: 17
Joined: May 2016
(10-21-2016, 10:11 PM)Copperfield Wrote: (10-17-2016, 11:56 PM)Ragnarök_62 Wrote: #IOT OK, it's one of the latest fads. Yeah, it's right up there with mood rings and pet rocks wrt actual utility.
It's also the hotbed of "all your appliances are, belong to us. - H3x0rs"
https://www.weforum.org/agenda/2016/10/h...berattacks
http://www.securityweek.com/over-500000-...rai-botnet
Telnet is evil, man.
Yep, and those new devices tend to be a lot more judicious with their network traffic.
It's a marriage of stupidity. IoT vendors consider security as an afterthought, if that. I mean telnet? Really.
I bet there's no forced passwd change either when folks get those devices out of the box. If they run Linux, that can be done.
I run Wireshark on my home network every so often just to make sure nothing has transformed into the walking dead and the most active "talker" on my network is the fucking Roku player.
I have Aide for checking file system changes, AppArmor and John the Ripper to make sure I use good passwds. I don't think I need something as complex as Wireshark since my box is just a personal PC. I just use ufw and have a default DENY policy. The shit that's open for email and DNS has exact rules pointing to my email/DNS/poker servers.
Why it believes it needs to send out an ARP request every 15 seconds (literally just making SURE it should STILL be using the same IP address) I just don't know.
Looks like a loop iterator error. Does this sound about right? The arp call should be outside the loop and invoked only once.
I think it's again just horrible programming. What's wrong with :
Turn on device: code in rough form:
Code:
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/reboot.h>

int main(int argc, char *argv[]) {
    /*
     * make arp call only once outside of loop
     * use this shit: http://lxr.free-electrons.com/source/net/ipv4/arp.c
     */

    /* Now handle streaming or whatever */
    while (1) {
        /* do device stuff here */

        /*
         * check for off button pressed
         * http://www.c-sharpcorner.com/uploadfile/...n-C-Sharp/
         * (device is a placeholder for whatever tracks the hardware state)
         */
        if (device.off == 1) {
            /*
             * safe reboot / change to halt
             * http://stackoverflow.com/questions/10585...-file-loss-# created-by-the-progra
             */
            pid_t halt_pid;
            int halt_status;

            if (0 == (halt_pid = fork())) {
                execlp("/sbin/halt", "/sbin/halt", NULL);
                exit(1); /* never reached if execlp succeeds. */
            }
            if (-1 == halt_pid) {
                /* fork error... deal with it somehow */
            }
            waitpid(halt_pid, &halt_status, 0);
            if (!WIFEXITED(halt_status)) {
                /* halt process did not exit sanely... deal with it somehow */
            } else if (0 != WEXITSTATUS(halt_status)) {
                /* halt process exited with error;
                 * most likely the user lacks the required privileges */
            } else {
                fputs("halt call successful -- system is about to shut down.\n", stdout);
                /* The init system is now shutting down the system. It will signal all
                 * programs to terminate by sending SIGTERM, followed by SIGKILL to
                 * programs that didn't terminate gracefully. */
            }
        } /* end off-button check */
    } /* end while loop */
} /* end crappy program snips from interwebs search by Rags here */
If I had to guess it's just laziness in the programming or the simplicity of the operating system running a dumb device that is expected to be online at all times, no questions asked (But mah Netflix isn't streaming fast enough!).
<sour grapes by Rags> cheap H1-B or outsourced coding </sour grapes by Rags >
Compromising those devices will be manna from heaven.
Oh you bet.
Internet DDOS outage map.
Like everything else though, the shit show will be fun to watch.
I agree. Just look at the map. H3x0rs hate blue states! I wonder what Eric has to say about this.
*Texas. Texas is big, so they whacked the blue part of Texas.
*The coming shit storm:
:: Rags passes some popcorn to Copperfield ::
---Value Added
Posts: 1,216
Threads: 29
Joined: May 2016
The Blue areas are where most of the people are, Rags!
#MakeTheDemocratsGreatAgain
Posts: 1,402
Threads: 17
Joined: May 2016
(10-22-2016, 08:24 AM)Odin Wrote: The Blue areas are where most of the people are, Rags!
Uh, how come highly populated Europe isn't all red from H3xors?
---Value Added
Posts: 10,013
Threads: 103
Joined: May 2016
Rags, I always knew the election was rigged against us. Trump told me so.
Posts: 1,402
Threads: 17
Joined: May 2016
Eric the Green Wrote: Rags, I always knew the election was rigged against us. Trump told me so.
I think that only applies to E-ballots. Rag's solution is to use paper ballots everywhere. Oklahoma uses paper ballots. The warning shots have been fired. There is no excuse for E-ballots, Diebold machines, etc.
If any jurisdiction is using e-voting, you've been warned. You certainly run the risk of severe disruption by IoT.
Trump is a shade of meaning off. The word is "disrupted", not "rigged".
https://en.wikipedia.org/wiki/Electronic_voting
---Value Added