Fear and Loathing of IoT

Fear and Loathing of IoT

I never had to fear my VHS recorder. It sits under my bed now, gathering dust, in case I decide I really need to play one of the six VHS tapes I have left (stored in my closet, gathering dust). But even when it was actively used it never presented a threat to anyone. I do fear my DVR.

It wasn’t always a threat. In fact I was excited when I first got the device. I could record hours of shows I would never get around to watching. Having shows stored on my DVR means I always have the option of watching them, but will never have to.

Then I was offered a new DVR by my cable provider. An upgrade. I could record hours and more hours of shows. So I got it.

Some of these great features required a connection to the internet. And sure enough, my shiny new DVR had an Ethernet connection on the back. 

That last part was supposed to be a good thing. But that connector made me start to think.   My DVR is yet another IoT device.  That made it dangerous if connected to the internet. And now we know just how dangerous that is. Turns out some DVRs have well known default passwords that are hard coded. Have Telnet and SSH turned on. And who knows how many unpatched vulnerabilities there are in the OS.

Is mine that way? I have no idea. My cable company is not telling me. There is nothing on their website addressing the issue. Since my brand does not appear to have been used in the latest DDoS attacks, should I then consider it safe? I don’t think so. And I don’t see it as my responsibility to Pen test the device. It’s not my job to determine if IoT devices I bring into my home pass even basic security standards.

It may appear that I have no other choice; I have to figure it out myself. But I refuse to do that. I’ve made a simpler choice. That Ethernet connector is gathering dust. I never connected my DVR to the Internet. I never will. And I want to make something clear to the cable company, and ever other company trying to sell me services via their box and the internet – it ain’t happening till you make these devices secure.

Sachin Rahim

Senior Engineer Video AI platform/Infrastructure Development & Delivery @ e& enterprise-MBA in Project Management PMP?CDCP C.Eng.(I) FIE(I)

8 年

I used in meli iran bank in 2006...

回复
Dave Manning

Content Generator

8 年

I hated tape, but at least it was hacker proof. ps - don't think a lot of people saw the story about the big device hack last week, so they may not get this comment.

回复

Totally agree with you.

要查看或添加评论,请登录

Kevin Haley的更多文章

  • The NSA Speaks

    The NSA Speaks

    The NSA speaks. Not about the latest contractor to steal data from them.

  • Get Out Of My Head

    Get Out Of My Head

    A house has always been a great analogy for explaining computer security. If you don’t lock your doors and windows it’s…

  • Evil Maid

    Evil Maid

    When a big company gets breached it makes the papers. Everyone knows about it.

    1 条评论
  • HACKING HOLLYWOOD: THE INAUGURAL SYMMY AWARDS

    HACKING HOLLYWOOD: THE INAUGURAL SYMMY AWARDS

    For the past decade, we’ve seen cyber security and hacking starting to play a big role in entertainment. Countless…

    2 条评论
  • To Pay Or Not To Pay

    To Pay Or Not To Pay

    To pay or not to pay… with ransomware that is the question. You’ve heard of others who have gotten their files back by…

    2 条评论
  • Canary or a Goat?

    Canary or a Goat?

    Would you rather be a Canary or a Goat? That question sounds like an ice breaker at a group encounter session. I have…

    2 条评论
  • "I'm Sick Of Talking About Best Practices!"

    "I'm Sick Of Talking About Best Practices!"

    "I'm sick of talking about best practices". That’s what I was told recently.

    5 条评论
  • Ransomware is like the Black Plague

    Ransomware is like the Black Plague

    Ransomware is like the Black Plague. Once infected you have the equivalent of a big X on your door - here it’s a ransom…

    2 条评论
  • A Grade

    A Grade

    A company you’ve done business with has been breached. Your information has been stolen.

    3 条评论
  • Small Businesses and Security

    Small Businesses and Security

    There is a retail store in my neighborhood. I shop there.

    2 条评论

社区洞察

其他会员也浏览了