[clue-talk] the IPv6 dream is dead - more discussion fodder
dennisjperkins at comcast.net
dennisjperkins at comcast.net
Tue Jul 1 17:39:55 MDT 2008
Appliances was a stupid reason but we might want it for another reason. Cell phones with Internet capability.
-------------- Original message ----------------------
From: Nate Duehr <nate at natetech.com>
> I always laughed when I saw comments that IPv6 was "needed" so that
> "every appliance in your home could be network-connected".
>
> It was always a commonly (even if tongue-in-cheek) example in
> publications -- about why we needed massive address space in the 90's
> boom days. And almost always in texts about IPv6.
>
> Now here's a real-world example of why you DON'T want your coffee pot on
> your corporate LAN: Someone could SCREW with your COFFEE.
>
> Call out the National Guard! Puddles I tell you! Puddles!!!!
>
> Nate
>
> --------
>
> MISCELLANEOUS
> --Java Jive
> (June 17, 2008)
> Risk Advisory Services manager Craig Wright notes that his Internet
> connected Jura Impressa F90 coffee maker has a number of software flaws
> that could be exploited to change the brewing strength of the coffee,
> change the amount of water used for each cup, possibly causing puddles,
> and engineer incompatible settings that break the machine. Attackers
> could also "gain access to the Windows XP system it is running on at the
> level of the user."
> http://www.securityfocus.com/archive/1/493387
> http://it.slashdot.org/article.pl?no_d2=1&sid=08/06/17/1941200
> [Editor's Note (Honan): On numerous occasions when working with clients
> I have discovered issues with these type of devices that have undermined
> the security of their network. Default passwords, misconfigurations and
> unpatched operating systems can allow these devices be a point of attack
> onto your network. So make sure you include them in your risk
> assessment, vulnerability management process and protect them
> accordingly.
> (Veltsos): This past year many security researchers have been raising
> the alarm about the vulnerabilities hiding in embedded devices. Many
> such devices run trimmed-down operating systems (often Linux-derived),
> come bundled with outdated or exploitable programs, and offer little or
> no patching capability. As more devices become internet-capable, the
> threat landscape expands into unconventional and often overlooked
> devices, from coffee makers to fridges, from digital picture frames to
> internet webcams.
> (Kreitner): Finally, cyber security will get some attention when people
> realize it could mess with their coffee. That's serious. Call in the
> risk managers. Get on this right away.]
> _______________________________________________
> clue-talk mailing list
> clue-talk at cluedenver.org
> http://www.cluedenver.org/mailman/listinfo/clue-talk
More information about the clue-talk
mailing list