kohai Posted October 21, 2016 Posted October 21, 2016 IoT devices used in today's ddos attack on dyn http://arstechnica.com/security/2016/10/double-dip-internet-of-things-botnet-attack-felt-across-the-internet/ (I totally typo'd ddos in the subject)
mwester Posted October 22, 2016 Posted October 22, 2016 <sarcasm> Ah, but we don't care about security here on this forum! You see, nobody here (as they constantly remind me whenever I post anything related to security) has anything worth hacking. And apparently, the potential to disrupt others isn't important either. </sarcasm> This highlights a huge problem, and a not-so-pleasant future. There's simply no way to make users care to secure their devices, or pay more for secure devices in the first place -- just witness the commentary on this forum whenever security is brought up. So, in order to protect the internet infrastructure, it means that each ISP is going to have to step in. Hopefully, the bulk of these attacks can be dealt with by the ISPs blocking our outbound traffic in a relatively benign manner -- but as the bad guys get smarter, and more and more devices become potential weapons in a DDoS attack, it may end up that your ISP will simply proactively shut down customers when events like this start, rationalizing that cutting off access to the internet temporarily for blocks of customers is better than having all their infrastructure shut down. Way down the road -- I suspect we'll end up with more tiers of ISP service. For those that are willing to invest enough, perhaps to even have their routers/firewall in-home managed by the ISP, you would be guaranteed not to be shut down when the rest of the city block gets shut down due to one guy somewhere on the block sending a packet that looks like it might be related to a DDoS attack.
Scottmichaelj Posted October 22, 2016 Posted October 22, 2016 Interesting timing. Giesen posted this and I watched live. Brings up very good points. <@236652715588059137> http://forum.universal-devices.com/topic/20120-vint-cerf-father-of-the-internet-gives-keynote-speech-on-iot/ So while I may not, like others here, be concerned about personal attacks on my actual home I think after seeing what happened today, the webcam DDos attack and after watching this video, my opinion is changing rapidly. The question is whats the solution and to be honest, is there one? I dont think theres anything we can do and it will be a continuous fight as software will always have bugs. Please watch the video, very thought provoking points.
larryllix Posted October 22, 2016 Posted October 22, 2016 IoT devices used in today's ddos attack on dyn http://arstechnica.com/security/2016/10/double-dip-internet-of-things-botnet-attack-felt-across-the-internet/ (I totally typo'd ddos in the subject) You can edit the thread title with "More Reply Options"
Teken Posted October 23, 2016 Posted October 23, 2016 <sarcasm> Ah, but we don't care about security here on this forum! You see, nobody here (as they constantly remind me whenever I post anything related to security) has anything worth hacking. And apparently, the potential to disrupt others isn't important either. </sarcasm> This highlights a huge problem, and a not-so-pleasant future. There's simply no way to make users care to secure their devices, or pay more for secure devices in the first place -- just witness the commentary on this forum whenever security is brought up. So, in order to protect the internet infrastructure, it means that each ISP is going to have to step in. Hopefully, the bulk of these attacks can be dealt with by the ISPs blocking our outbound traffic in a relatively benign manner -- but as the bad guys get smarter, and more and more devices become potential weapons in a DDoS attack, it may end up that your ISP will simply proactively shut down customers when events like this start, rationalizing that cutting off access to the internet temporarily for blocks of customers is better than having all their infrastructure shut down. Way down the road -- I suspect we'll end up with more tiers of ISP service. For those that are willing to invest enough, perhaps to even have their routers/firewall in-home managed by the ISP, you would be guaranteed not to be shut down when the rest of the city block gets shut down due to one guy somewhere on the block sending a packet that looks like it might be related to a DDoS attack. Many of you already know what I am going to say - Let it all burn down. Latest news indicates this attack was in support of Wikileaks because his Internet was cut off by Ecuador. HRC and gang asked them to do so because they are bleeding out due to the leaked emails. With respect to the whole DDOS there are so many articles offering zero facts and simply reciting the same hearsay. There isn't one person from any agency, security company that can show proof one single smart refrigerator was part of this attack. Nor can anyone show proof it came from a so called IoT device. Which by the way if I could punch the guy in the throat who coined that phrase . . . People are saying that tens of thousands of so called DVR's, IP camera's, and other random gadgets are part of this botnet. That is complete and utter crap in terms of it happening from North America. The preliminary maps I have seen of where the so called botnets are originating from dozens of countries. The fact some of the so called Internet rag news agencies say a smart TSTAT's were involved just shows how stupid people truly are besides - being so complacent. Like mwester - I say let it all crash and come to a complete halt because too many people need a reality check. In other news its been discussed how Apple Home Kit is on the radar due to the above.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.