[Article] When Smart Homes Attack ...

[electron]

CNN is reporting that a collection of over 100,000 IP enabled gadgets have collectively attacked a target over the internet.  Gadgets include compromised routers, smart TVs and even a fridge!  Check the press release below for more info.
 
I can't say I didn't see this one coming, hopefully it will convince people that they need to treat each device connected to your home network as an insecure computer, especially with 'Internet of Things' becoming a popular term.

Click here to view the article

 

[linuxha]

The counter to Proofpoint's information:
 
http://arstechnica.com/security/2014/01/is-your-refrigerator-really-part-of-a-massive-spam-sending-botnet/
 
While it points out that the Proofpoint announcement may be weak it doesn't address the issues that things can get messed up. Let's face it not everything plays nice together. Search for recent articles about TVs that phone home with user data despite being turned off or WiFi devices that search for other ways to phone home when they've been blocked. Whether it's by design (consumer espionage, sorry big data ;-) ), by accident (bugs) or by malware, we (consumers) still need to have ways to address the security of these devices that we don't have control over. I can't get Tivo to address there numerous 'improvements' that break functionality never mind getting help with a security issue if one should arise. I might be able to get creative with network filters but the avg. consumer doesn't have a clue. And perhaps the better question is should they ?

 

[Efried]

I see some reluctance of supplier investing in security. Especially email accounts at embedded controllers are not secured and communication is not encrypted.
Check out those rules:
- authentic counterpart
- confidential data
- integrity check

 

[Desert_AIP]

"What are you doing Dave?"