I wrote a thing on why this IoT botnet is basically a demonstration that we're utterly doomed: http://mjg59.dreamwidth.org/45098.html
-
-
En réponse à @mjg59
question on the scale of this: of the (say) 30k IP cameras on Amazon, do many share the same underlying firmware?
1 réponse 0 Retweet 0 j'aime -
En réponse à @xor
Oh, almost certainly! But you won't be able to tell without pulling them apart, and they may still have been custom hacked.
2 réponses 1 Retweet 2 j'aime -
En réponse à @mjg59
Parker Higgins a retweeté Parker Higgins
this is sort of what I meant; problem space might be MUCH smaller than estimated (if we're lucky)https://twitter.com/xor/status/789701690165305345 …
Parker Higgins ajouté,
2 réponses 0 Retweet 4 j'aime -
En réponse à @xor
The problem is that you still need to dump the firmware for each shipment to verify it hasn't been changed
2 réponses 0 Retweet 1 j'aime -
En réponse à @mjg59
well, if you want full coverage. But maybe fixing the default cuts the scale enough?
2 réponses 0 Retweet 1 j'aime -
En réponse à @xor
This time round, maybe. But I don't think inspection is a real solution, given prevalence of software vulnerabilities in general.
2 réponses 0 Retweet 0 j'aime -
En réponse à @mjg59
I agree. But it feels qualitatively different to me if malware has to exploit a vuln vs just logging in
2 réponses 0 Retweet 4 j'aime -
En réponse à @xor
Even if we remove 95% of the vulnerable devices, that 5% is enough to cripple the internet many times over
3 réponses 4 Retweets 11 j'aime
oh god
Le chargement semble prendre du temps.
Twitter est peut-être en surcapacité ou rencontre momentanément un incident. Réessayez ou rendez-vous sur la page Twitter Status pour plus d'informations.