Toddimus Posted September 25, 2014 Share Posted September 25, 2014 Not to be alarmist... but I just read this article on CNN and it sounds like the Linux based OS of the ISY could be vulnerable to the newest hit amongst the hackers out there: The "Bash Bug"... http://money.cnn.com/2014/09/24/technology/security/bash-bug/index.html?hpt=hp_t2 Just wanted to raise the flag to the powers that be. -Todd Link to comment
Mike Ippolito Posted September 25, 2014 Share Posted September 25, 2014 We wrote our own RTOS, it is not Linux based. Your 'status' is safe with us. Sent from my iPhone using Tapatalk Link to comment
Toddimus Posted September 25, 2014 Author Share Posted September 25, 2014 Mike, Awesome! Thanks for the info. I had always thought it was Linux based. I guess my Raspberry Pi would be vulnerable though. I'm not currently using it, but had planned to integrate it into the system. Cheers, Todd Link to comment
apostolakisl Posted September 25, 2014 Share Posted September 25, 2014 I don't know much about this, except that as I read other articles it would seem that it is not as simple as being a "linux" problem. It seems to be this "bash" interface which may or may not be a part of any particular linux system and could be part of non linux, unix based systems. Link to comment
Michel Kohanim Posted September 26, 2014 Share Posted September 26, 2014 Hello everyone, As Mike suggested, ISY is not Linux based and we do not use bash and neither do we use environment variables. Furthermore, out of concern for security, we do not parse or do anything with HTTP headers that we do not like. For instance, there's really no way to put a ping command in an http header and have ISY ping the device. With kind regards, Michel Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.