MAJOR security flaw found in Belkin WeMo, "deathtrap"

Work2Play said:
... but requiring your devices to talk to the cloud is pretty dumb - BUT it opens up to a much larger wannabe techie market - so while I understand it, I'd never in a million years buy it.
While I'm not completely against IP control of lights/outlets, I am completely against using cloud based devices. Most of the "dumbed down" automation devices that have come out in the last few years have used cloud based access. Garage door openers, deadbolt locks, WeMo, etc. What happens when these companies decide that their product is no longer viable (not making money) and they decide to shut it down? What happens with the hardware and your ability to use it? For this reason alone, I will never use a cloud based device.
 
The thing is, there's no such thing as not connected to the internet. If someone can get to your router and open a port, then anything he wants connected is connected. Probably lots of routers have UPnP router configuration enabled, so all it takes is running one program, that you'd probably never realize was bad since it wouldn't do anything obvious. It could open up various ports for direct incoming access.
 
For that matter, don't a number of the major sleazy theft programs out there like emule and freenet and such use UPnP to open ports while the program is open? If so, that means that those folks who allow that, figuring it's a good thing if it lets them steal stuff, will have enabled that functionality on their routers if it wasn't on by default. And of course that's exactly the kinds of programs that would be ripe for getting you to run something dangerous as well. If you have any teenagers ever on your network, you should probably assume these types of things are going on and that they will run almost anything they can download.
 
I guess that those incoming packets are not going to be local subnet packets, right? If so, one simple thing to do is to have these devices refuse any packets not for the local subnet. But companies selling individual devices are likely not to do that because they want to claim you can use some simple phone app to talk directly to the device, not requiring an automation system. So they'd have to accept network packets, presumably?
 
This is what you get when people who aren't technically capable decide to pay yearly or monthly to some company to get what they need or want.
 
They would be better off LEARNING how to do it better, safer, more secure and maybe even save a few bucks in the long run.
 
A friend showed me BackTrack a few weeks ago... pretty slick setup for testing for things like this. Watching a few BackTrack related videos on YouTube can get a bit scary...

and fear mongering seems to be the favorite contact sport of the day.

For example, look at the risk originally quoted here in this thread - potentially starting a fire. I can do that with a beer bottle, a pint of gasoline, and a rag. You've been vulnerable to that attack all my life, and will likely continue to be vulnerable for years to come.

This new threat doesn't seem very bad in light of existing threats.
 
M Terry said:
and fear mongering seems to be the favorite contact sport of the day. For example, look at the risk originally quoted here in this thread - potentially starting a fire. I can do that with a beer bottle, a pint of gasoline, and a rag. You've been vulnerable to that attack all my life, and will likely continue to be vulnerable for years to come. This new threat doesn't seem very bad in light of existing threats.
 
Actually, no, the threats are not the same. There are two things at play here: one, that WeMo is vulnerable to attack, and two, once attacked, it can be used in a way that will start a fire in an attached space heater and other equipment if the attacker so intends. The problem here is the switching speed. For comparison, if an Insteon system was ever taken over in a similar way, they would not be able to power cycle it multiple times per second due to limitations of the Insteon protocol. There is simply no need to cycle that many times per second; they need to add a "governor", so to speak.
 
And that's what I meant by implementing it CORRECTLY, with security in mind.  Once you do this, IP devices are just fine.  If companies DON'T do this, then there isn't much we can do, IP or not.  Heck, you can control X10 devices in the house, by plugging in a module on the outside of the house (or maybe even your neighbor's house).  Similar attacks have been proven in the Z-Wave world. Protocol/security through obscurity does NOT work, you need to do security right.
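A defender-side sketch of the two mitigations raised in this thread (refusing commands that do not come from the local subnet, and a "governor" that limits how fast the relay may be cycled), written as an added example for this page rather than code from the thread or from Belkin; the subnet, dwell time and per-window cap are assumed values.

```python
import ipaddress
from collections import deque


class SwitchCommandGovernor:
    """Accept or reject toggle commands for a network-controlled relay.

    Two checks, both assumed policy for this example:
      1. the command must originate on the local subnet;
      2. toggles must respect a minimum dwell time and a cap on
         toggles per sliding window, so a compromised controller
         cannot chatter the relay many times per second.
    """

    def __init__(self, local_subnet, min_dwell_s=1.0, max_toggles=6, window_s=60.0):
        self.subnet = ipaddress.ip_network(local_subnet, strict=False)
        self.min_dwell_s = min_dwell_s
        self.max_toggles = max_toggles
        self.window_s = window_s
        self.state = False            # relay starts off
        self.history = deque()        # timestamps of accepted toggles

    def handle(self, src_ip, now):
        """Process one toggle request from src_ip at time `now` (seconds).

        Returns the new relay state ("on"/"off") or a "reject: ..." reason.
        """
        if ipaddress.ip_address(src_ip) not in self.subnet:
            return "reject: non-local source"
        # Drop accepted toggles that have aged out of the window.
        while self.history and now - self.history[0] > self.window_s:
            self.history.popleft()
        if self.history and now - self.history[-1] < self.min_dwell_s:
            return "reject: dwell time"
        if len(self.history) >= self.max_toggles:
            return "reject: rate cap"
        self.history.append(now)
        self.state = not self.state
        return "on" if self.state else "off"


if __name__ == "__main__":
    # Constructed sample traffic: one off-subnet request, then a burst.
    gov = SwitchCommandGovernor("192.168.1.0/24")
    for ip, t in [("203.0.113.5", 0.0), ("192.168.1.20", 0.0),
                  ("192.168.1.20", 0.2), ("192.168.1.20", 1.5)]:
        print(ip, t, gov.handle(ip, t))
```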
 
Personally I think it's good for the vendor to be aware of said issue.
 
It is unlikely that it would occur but it is this kind of stuff that creates the checks and balances for their product; and "stuff" the vendor may have missed.
 
Someone with malicious intent or on some sort of "dare" can take advantage of this "faux pas" easily enough. 
 
That said though, not sure if a "label" on the product stating something about misuse can lead to a fire will suffice as corrective action to a seeming design flaw.
 
Just a few years ago I had a Z-Wave lamp module do a "flash and burn". The lamp module was behind a couch. The "flash" part was bright enough to be seen throughout the entire family room. Taking the switch apart did show that there was something inside which charred the outer casing and it did "leak" some of the flames from the appearance of it.
 
Here are some pictures of the remains of said switch.  Vendor did apologize and replace it promptly.  That said though it could have started a fire as it was only a few inches from the back of the couch in the family room.
 
It didn't stop me from installing Z-wave and from what I can tell there is no way that I could check switches for being "flash and burn" susceptible before installation.
 
Not too long ago on another thread in another forum the moderator's laptop did a flash and burn while he was using it. The fire department was called. It did fill up the house with noxious fumes, burnt a chair and half the laptop. He was able to take it outside while it was smoldering. The smoke though did damage his home a bit. His pictures and story did make me more vigilant to have a look at my laptops and batteries et al. Here I will also post some pictures of the damage. (It happened just about 2 weeks ago.)
 
One day a few summers ago while taking my children to Florida, I saw a "flash and burn" of one of the two engines on the plane we sat on midflight. The pilot promptly put the fire out and said it was no issue to fly with one engine. We did continue on the flight and landed just fine. (It was a sight that I will never forget seeing.) I don't have pictures as I was mesmerized by watching.
 
I did learn how to fly some time in my lifetime; my flight instructor also did get killed while teaching someone else how to fly. Logically it made no sense to me as he was a very good instructor, careful, always following "scripted" methodologies of flight. That said though, it didn't stop me from continuing to learn and fly.
 
Historically the odds of said type of occurrences are rare, but on the same note they can exemplify what can occur; that is, QA cannot always cover every scenario before a product is offered for public consumption.
 
Dan - I think you actually backed my point, IMO. Done right, IP networks are very secure - but even your network as it exists today is probably more than 85% of the world could manage! For the rest of the world, they won't know how to do it so they'll have the neighbor kid help out - and he'll get things functioning but won't have enough experience to make sure the network is well isolated and secure. Not to mention, when they get a flyer selling them on the new x-verse they'll call the ISP who'll send a semi-trained monkey out to swap their router, load more crap software on their machine (with things like uPNP turned on to make their jobs easier) and leave after having changed the IP address scheme in their house and resetting any/all port forwarding.

In an effort to protect commercial products (like WeMo) from dying every time this happens, they have to connect to something known outside the home and be as plug & play as possible... They'll try to use uPNP to open what they need; it's a complete conflict of interest. But their products won't sell if you have to hire a network engineer to install them - and where would the average consumer even get access to advanced networking support like that - Geek Squad?

At least with Serial, once a connection is made nothing will screw it up short of damaging the cable/connection.

I suspect this will evolve at some point in the future to some form of IPV6 Mesh with a couple gateway points in the home and some good auto-discovery protocols - but I'd put that at least 10 years out before the surface is even scratched and even then it'll be painful while we wait to see which "standard" ends up winning and waiting for manufacturers to finally jump on board.
 
Well, do you agree at least if they didn't require communication with the 'cloud', this could be setup as a lot more secure?
 
Oh of course - if I had any say in the matter, I'd suggest they offer their products with the cloud offering, but as a default setting that could be turned off and switched over to be managed by a device purely within your network.  Then it's the best of both worlds.  I don't know how practical that is - for the extra development effort - but until someone tries we won't really know.
 
Work2Play said:
Oh of course - if I had any say in the matter, I'd suggest they offer their products with the cloud offering, but as a default setting that could be turned off and switched over to be managed by a device purely within your network.  Then it's the best of both worlds.  I don't know how practical that is - for the extra development effort - but until someone tries we won't really know.
 
Belkin won't do that, because then they lose their competitive differentiation. Of course, those of us here don't think that differentiation is worthwhile from a consumer perspective. I fully expect most consumers to agree in time, and Belkin to exit the market or sell WeMo for parts, leaving owners high and dry. I don't personally think their products are even that good looking. 
 
I saw their products at CES a few weeks ago, and I thought they looked great and the IP concept was a good one, until I heard that 'cloud' bit.
 
BraveSirRobbin said:
I saw their products at CES a few weeks ago, and I thought they looked great and the IP concept was a good one, until I heard that 'cloud' bit.
 
I like the IP concept too, but did you see this? Personally, I can't imagine having every switch in my house look like this. But then, some people don't like the Insteon LED indicators I love either...
 
369831-belkin-wemo-light-switch.jpg
 
M Terry said:
and fear mongering seems to be the favorite contact sport of the day. For example, look at the risk originally quoted here in this thread - potentially starting a fire. I can do that with a beer bottle, a pint of gasoline, and a rag. You've been vulnerable to that attack all my life, and will likely continue to be vulnerable for years to come. This new threat doesn't seem very bad in light of existing threats.
 
While the threat you mention is certainly possible the chances of it actually occurring are probably fairly slim. I suppose if someone had some major issues with you they could certainly attempt it, although they'd obviously have to know where you live and would probably live somewhat nearby. However, the threat mentioned in this thread could seemingly occur to anyone using this system and be done by anyone with said knowledge from anywhere in the world. It's not unreasonable to realize that someone could hack into the Belkin cloud, and attack everyone with the service, and to do it just because they can - for fun! Or to add a bullet to their resume. It may or may not cause damage in any or all homes, but it is possible. Having said that, I doubt anyone is going to take gasoline and a rag to your home for kicks... and less likely for someone to jump on a plane just to do it either.
 
I don't know that anyone is trying to impose "fear" but simply to open the eyes of the people who don't understand or see that the threat exists. What I was really posting about was BackTrack in general... For example, there are a number of videos showing how easy it is, using BackTrack, to hack into Wordpress based websites.
 