More Reasons the “Internet of Things” Is a Terrible Idea: Your Techno-Gadgets Run Amok Redux

Following on yesterday’s note about home routers getting hacked to send your surfing wherever the crooks want it to go, Brian “Peter Parker of the Internet Underground” Krebs has a great post listing a few MORE reasons not to trust that widget with a network connection.

The post in question is something I’ve been meaning to cover for a little bit. Krebs covers: – the Linksys “Moon” worm, which infected about 1000 Linksys routers, – The mid-February ASUS router security holes,
– Belkin’s WeMo “home automation” devices — pro tip here, USE YOUR FINGERS TO FLIP THE FRIGGIN’ LIGHTSWITCH IT’S NOT THAT HARD

and…
– When your “Network Attached Storage” box of hard drives welded to a network jack starts mining Bitcoins (for someone else)

– Serious security holes in a Symantec INTRUSION PROTECTION product meant to deploy on computers

Fortunately Krebs is a reasonably cool customer and gives some good advice on how to lock down your routers. Short answer? Kill the stock swiss-cheese software and replace it with open-source firmware like DD-WRT or Tomato, which tend to be “secure by default.”

Handy links to the latter:

http://www.dd-wrt.com/site/index
http://www.polarcloud.com/tomato

https://krebsonsecurity.com/2014/02/time-to-harden-your-hardware/

(too much to quote)

Advertisements
%d bloggers like this: