The Internet of Things is not a good thing, at least not in its current form. Events like this are why:
Record-breaking DDoS reportedly delivered by >145k hacked cameras
Dan Goodin – Sep 29, 2016 12:50 am UTC
Last week, security news site KrebsOnSecurity went dark for more than 24 hours following what was believed to be a record 620 gigabit-per-second denial of service attack brought on by an ensemble of routers, security cameras, or other so-called Internet of Things devices. Now, there’s word of a similar attack on a French Web host that peaked at a staggering 1.1 terabits per second, more than 60 percent bigger.
Internet-of-things makers are paying no attention to security, and provide no way for users of these devices to pay attention for them – or to fix them if, somehow, the people who own these devices actually figure out what’s going on. Even realising it’s happening isn’t easy to do; for most people, it’s functionally impossible.
It’s not like you can say, “oh, just put the software in ROM so it can’t be changed ever.” These things are going to send data out, that’s what they’re for, and you have customers be unable to give it a destination for that data.
The part that pisses me off the most is that makers of combination locks have been managing to send out randomised access codes for literally generations, and yet, the makers of these devices are still shipping them with stock passwords. Do you think we at least manage to get up to the safety and security of a middle-school locker Master Lock here? Apparently, no! Not yet.
jfc, 1.1 terabits. It’ll be a terabyte in another two years, all on devices somebody attached to a wall or put in a cabinet and will never look at again until it breaks. I can’t wait ’till we’re being DDOSed by ‘smart’ lightbulbs. What a clusterfuck.