"Bash Bug" -- Is the ISY vulnerable?

Toddimus · September 25, 2014

Not to be alarmist... but I just read this article on CNN and it sounds like the Linux based OS of the ISY could be vulnerable to the newest hit amongst the hackers out there: The "Bash Bug"...

http://money.cnn.com/2014/09/24/technology/security/bash-bug/index.html?hpt=hp_t2

Just wanted to raise the flag to the powers that be.

-Todd

Mike Ippolito · September 25, 2014

We wrote our own RTOS, it is not Linux based. Your 'status' is safe with us.

Sent from my iPhone using Tapatalk

Toddimus · September 25, 2014

Mike,

Awesome! Thanks for the info. I had always thought it was Linux based.

I guess my Raspberry Pi would be vulnerable though. I'm not currently using it, but had planned to integrate it into the system.

Cheers,

Todd

apostolakisl · September 25, 2014

I don't know much about this, except that as I read other articles it would seem that it is not as simple as being a "linux" problem. It seems to be this "bash" interface which may or may not be a part of any particular linux system and could be part of non linux, unix based systems.

Michel Kohanim · September 26, 2014

Hello everyone,

As Mike suggested, ISY is not Linux based and we do not use bash and neither do we use environment variables. Furthermore, out of concern for security, we do not parse or do anything with HTTP headers that we do not like. For instance, there's really no way to put a ping command in an http header and have ISY ping the device.

With kind regards,

Michel

Sign In

"Bash Bug" -- Is the ISY vulnerable?

Recommended Posts

Toddimus

Link to comment

Mike Ippolito

Link to comment

Toddimus

Link to comment

apostolakisl

Link to comment

Michel Kohanim

Link to comment

Archived

Recently Browsing

Who's Online (See full list)

Forum Statistics

Browse

Activity