Cloudflare presents a primer on "anti-patterns" that have transformed IoT devices into ghastly security nightmares.
This JSON request instructs the alarm clock on every “alarmSound” event to send an HTTP request to the coffee machine. Whilst this may seem a simple and effective way of implementing the Pub/Sub pattern in HTTP, this poses a significant security risk.
By not being able to validate if the receiver of the subscribed message wants the message or not, there is effectively a DDoS vulnerability. An attacker with the ability to set subscriptions on the alarm clock can effectively send HTTP messages to any device or internet property they want. If this is done across enough devices, a DDoS vulnerability is created.
Toast popping out of a toaster or a car driving across a road traffic sensor could be the trigger of a future large-scale DDoS against a web property.
IoT Security Anti-Patterns
(via 4 Short Links)
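One way to close the gap the quoted passage describes, shown as an added example that is not from Cloudflare's article or this post: the publisher activates a subscription only after the callback itself echoes a random challenge. The class names, message fields, URLs and the in-memory network are all constructed for illustration.

```python
import hmac
import secrets

class Publisher:
    """Event source (the alarm clock) that notifies only callbacks that opted in."""
    def __init__(self, send):
        self.send = send        # send(url, payload) -> reply dict or None
        self.verified = {}      # event name -> set of confirmed callback URLs

    def subscribe(self, event, url):
        # Ask the callback itself to confirm: it must echo a fresh random challenge.
        challenge = secrets.token_urlsafe(16)
        reply = self.send(url, {"mode": "verify", "event": event, "challenge": challenge})
        echoed = str((reply or {}).get("challenge", ""))
        if not hmac.compare_digest(echoed.encode(), challenge.encode()):
            return False        # receiver did not opt in: never notify it
        self.verified.setdefault(event, set()).add(url)
        return True

    def fire(self, event):
        urls = sorted(self.verified.get(event, ()))
        for url in urls:
            self.send(url, {"mode": "notify", "event": event})
        return urls

class Network:
    """Constructed in-memory stand-in for HTTP so the example runs offline."""
    def __init__(self):
        self.handlers, self.log = {}, []
    def send(self, url, payload):
        self.log.append((url, payload["mode"]))
        handler = self.handlers.get(url)
        return handler(payload) if handler else None

def coffee_machine(payload):
    # Echoes the challenge only for the event it actually wants.
    if payload["mode"] == "verify" and payload["event"] == "alarmSound":
        return {"challenge": payload["challenge"]}
    return {}

def unrelated_site(payload):
    return {"status": 404}      # knows nothing about the protocol, so no echo

def demo():
    net = Network()
    net.handlers = {"http://coffee.local/hook": coffee_machine,
                    "http://victim.example/": unrelated_site}
    clock = Publisher(net.send)
    accepted = [clock.subscribe("alarmSound", u) for u in net.handlers]
    return accepted, clock.fire("alarmSound"), net.log
```

The verification request still reaches the callback once per subscription attempt, so a publisher should also rate-limit and authenticate who may set subscriptions.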