Thread replies: 50
Thread images: 7
Thread images: 7
File: 1476933932578.webm (731KB, 426x240px) Image search:
[Google]
731KB, 426x240px
http://www.nytimes.com/2016/10/22/business/internet-problems-attack.html?_r=0
Why can't we just enact laws that force people to test their own networks for infected botnet computers? Why can't we just hold people and businesses liable for using and buying infected hardware?
Honestly, the DDOS over IoT problem is only going to get worse the further we get into the future. Right now computers and smartphones are still kind of in the niche phase. Just wait till cheap/disposable/3d printable technology becomes widely available, and the internet is going to melt down. Everybody and their pets will have multiple, if not eventually hundreds of internet connected devices on them, even in third world countries, and it won't cost a fortune like it does today. What will we do then? Sure our networks will be bigger and more robust, but will they ever be able to handle exponential growth?
I predict an absolute shitstorm within the next 50-100 years. Eventually, everybody will prefer to speak on private bitcoin-operated "toll" net to avoid the spam. That won't stop the problem though. Just look at sites like Plebbit and /pol/. Notice the ridiculous amount of political botting that's been going on? Pretty soon, bots will outnumber us all by many orders of magnitude more than they are outnumbering us today.
>>
File: 1457699866128-1.jpg (8KB, 200x210px) Image search:
[Google]
8KB, 200x210px
>>57186040
>tfw you sit on this shit
>tfw you crash and the case is opened
>>
>>57186073
You need to puncture a cell INTO another cell to get reactions like this.
If something near your ass is that impacted, you likely have more serious spinal issues to worry about.
>>
>>57186078
Not if you get stabbed in the butt and the phone saves you, only to end up killing you itself.
>>
>>57186040
I blame it all on the fucking Chinese IoT makers, these fuckers will sell anything as long as it works, they have no concept of quality or security. These Chinese developers consider Caesar ciphers as security. They won't hesitate even for a second at setting 1234 as the default password.
Retarded users are to be blamed too, what the fuck do they expect when they pay 0 attention to security, keep default password, download malware from shady websites. And then after they get affected, they complain.
Shit makes me legitimately mad
>>
>Why can't we just enact laws that force people to test their own networks for infected botnet computers?
>Why can't we just hold people and businesses liable for using and buying infected hardware?
Why stop there?
>Why can't we just kill stupid fucking people since stupid fucking people will be the death of us all?
>>
File: Anteater.jpg (701KB, 1050x900px) Image search:
[Google]
701KB, 1050x900px
>>57186040
>I predict an absolute shitstorm within the next 50-100 years
The shitstorm is going on right now, in case you haven't noticed. It's only going to get worse as more and more bots with Mirai code come online. DNS must be abandoned and a new (and secure) protocol put in place.
>>57186162
>Retarded users are to be blamed too
What's worse, to me, is that a lot of the devices being hijacked for botnets have HARDCODED accounts. Even if you, as a user, are not retarded, there is nothing you can do to change the hardcoded credentials. Anything you buy off the shelf might have some of this shit in it, and the only way you can avoid it if you are aware of the device having those hardcoded creds. The only way to find that out is either to root through the developer/service documentation for the device (where it may not be published) or to crack out a rainbow.
This shit makes me mad too.
>>
Why? It's funny?
>>
>>57186040
Don't almost all botnet computers run Windows? How the hell would IoT make the botnet worse if they don't run Windows? There are 50 viruses for Linux, and thousands for Windows.
>>
>>57186040
>IoT
IoT doesn't exist you fucking idiots, only retards who can't properly name things call shit IoT
>>
>>57186830
You can still block these devices from having any direct access to the internet as a user.
>>
>>57186906
the is /g/ you fucking retard, what did you expect ?
>>
>>57186095
Such is life in the digital age.
>>
>>57186040
>websites were inaccessible
Holy shit, no they were not. Poor fucking journalism.
>>
>>57186893
No they run Linux. This attack was composed of poorly secured CCTV, smart TVs, DVRs etc. These so called IoT aren't really updated after they are sold. And you don't write virus for linux. You write user privilege escalation exploits to get root so you can do whatever you want. Like DDoS, proxy chaining to hide yourself when breaking into government data systems and hide illegal servers with illegal content to make it difficult for law enforcement to find the people behind it.
>>
>>57186969
>These so called IoT aren't really updated after they are sold.
Incorrect.
>>
>>57186988
Smart TVs yes for about 2 years after purchase. How many hotfixes have automatically been downloaded by your internet connected printer, camera etc the past 4 years?
>>
>>57186969
That requires a virus/trojan. They don't hack every single botnet computer manually.
https://en.wikipedia.org/wiki/Zombie_(computer_science)
This article seems to say that most botnets don't run Linux.
>>
>>57187001
>How many hotfixes have automatically been downloaded by your internet connected printer, camera etc the past 4 years?
My printer gets updates at least once a month. It's over 2 years old.
>>
>>57187001
My DVR gets updated at least once a year(although it's my cable providers problem, not mine), my camera has recovered several firmware updates but has no networking capability, my all in one gateway device just received an update last week, and my dumb TV had an update in 2013 and is also not connected to the Internet.
>>
>>57187009
>That requires a virus/trojan. They don't hack every single botnet computer manually.
It's quite clear you have no idea what the fuck you are talking about or have any idea about IT security.
>>
>>57187054
It's quite clear that you have no idea what a botnet actually is.
>>
>>57187012
What brand and model?
>>57187034
>My DVR gets updated at least once a year(although it's my cable providers problem, not mine),
You don't see a problem with it being once a year? Your DVR is potentially a part of DDoS right now.
>my camera has recovered several firmware updates but has no networking capability,
Why even bring it up then? My newspaper get delivered every day with updated news but sadly it has no networking capabilities.
>my all in one gateway device just received an update last week,
Did you install it manually or was it done automatically? Unless it's a router provided by your ISP it will most likely not automatically update itself.
>and my dumb TV had an update in 2013 and is also not connected to the Internet.
My 10 year old camera got a firmware update 8 years ago. It's also not connected to the internet and not relevant to the term IoT.
>>
>>57187100
>What brand and model?
It's Japanese and I'm not giving out that information on my trip. It's a cheap printer.
>>
>>57186040
seriously. let's start fining people for being part of a botnet. fining businesses for selling vulnerable hardware. watch those attack rates in ddos drop right the fuck down.
>>
>>57187088
Not you have no fucking idea and it shows. 10 million devices not running windows just shut down dyn. Mirai based botnets simply crawls the internet looking for unsecure "IoT" devices with default login details. Devices you can access with telnet or ssh. Once in there you have root access you can do pretty much whatever you want. And that doesn't imply you have to do any of that manually. Get root and install your botnet. Add some DNS reflection and you'll have consumer routers participating in a 100Gbps DDoS.
>>
File: my life.png (1MB, 951x1003px) Image search:
[Google]
1MB, 951x1003px
there needs to a moratorium on smart juicers until we can study their impact further
>>
>>57187122
I don't believe you have a printer. You are a casual phone browser that don't own a real computer.
>>
>>57187009
>This article seems to say that most botnets don't run Linux.
Good for your article.
The most recent high profile DDOS attacks have come from devices running Linux
>>
>>57187164
That's social engineering. It doesn't say anything about the security of Linux.// 1337 haxor "virus" for muh botnet
if (password == "12345") {
hack();
}
>>
>>57187179
I need if for uni.
>>
>>57187203
>"Hello mister router, I have your default login details and also your hardcoded login details burnt into your eeprom for full fingering access over telnet. I'm actually your owner even though I didn't buy you. May I enter?"
Please stop posting.
>>
>>57187280
The manufacturer tells you to not use the default login details. Retards don't follow this advice. It's the same kind of mistake as using 12345 as your password.
>>
>>57187296
The manufacturers in this case hard coded login details into the device you can't change. And I still don't see how it's social engineering using default login details. You throw around terms that you have no idea what they actually mean. Do you do gender studies or something?
>>
>>57187203
>>57187296
filtered
just stop posting you dumb fuck
>>
>>57187350
>The manufacturers in this case hard coded login details into the device you can't change.
I've never used a router that you couldn't change the password on. If other IoTs have unchangeable passwords, then the manufacturer is stupid.
It's still not Linux's fault.
>>
>>57187401
>I've never used a router that you couldn't change the password on. If other IoTs have unchangeable passwords, then the manufacturer is stupid.
No you don't fucking understand. You may be able to change your web interface but the manufacturer hard coded login details for telnet and ssh. You seem retarded so you probably don't even know you can access most routers this way.
>It's still not Linux's fault.
You blame microsoft for people willingly installing viruses and botnets on windows. Since you put the bar on that level then yes it's Linux fault. And there was a root escalation privilege bug in the linux kernel that wasn't fixed for 9 years despite being known.
And this >>57187380. I can't handle more stupid from you.
>>
>>57186040
I do agree there should be some liability but its such a hard thing to enforce due to the amount of stakeholders. Not only that but even defining the traffic as harmful leads down a slippery slope. I wouldn't want to get fined because my ISP sees traffic some regular wincuck or macfag wouldn't typically have.
>>
We'll have tiered internet licenses before too long.
Want to access sites past facebook, twitter, instagram, good goy news network, etc? Gotta have a license for less restricted internet access.
IOT things? Need a license. *nix boxes? Need a license. Soon it'll all be locked down for the regular user and any traffic outside the norm will be easily tracked to the users deemed accountable for them.
>>
>>57187478
t-telnet and s-s-ssh are disabled by default on verizon r-routers r-right?
>>
http://www.bbc.com/news/technology-37738823
>Many of the devices involved come from Chinese manufacturers, with easy-to-guess usernames and passwords that cannot be changed by the user - a vulnerability which the malware exploits.
As usual, the chinks did everything wrong
>>
File: 1441417384117.jpg (45KB, 293x301px) Image search:
[Google]
45KB, 293x301px
>>57186040
Oh wow poorly secured IoT devices are actually a problem. Nobody ever could have predicted this.
>>
>>57186576
Its not fucking hard to spot unusual traffic.
>hey, all these computers are sending requests like 200 times a second... oh well, seems normal.
>>
>>57186040
here's how we fix it
>technology proficiency test
you need to get it to get a license that allows you to buy technology, here's a couple of things it could include
>know one programming language
>can detect malware
>>
File: tumblr_nxkazbl4at1thgil6o1_540.jpg (46KB, 530x810px) Image search:
[Google]
46KB, 530x810px
The botnet in question:
https://github.com/jgamblin/Mirai-Source-Code
>>
File: 1436641056588.jpg (14KB, 249x228px) Image search:
[Google]
14KB, 249x228px
>>57186040
>Why can't we just hold people and businesses liable for using and buying infected hardware?
>government wants you arrested
>NSA hacks into your devices
>loads it with a virus or botnet
>then uses it and claims you violated the law
>arrests you under it
>>
>>57190968
You are a moron. It's a botnet (the real one, not the meme one). It's a large number of computers sending a normal amount of requests --> huge number of requests.
>>
>a refrigerator has the power to cause inconvenience to multi-million dollar companies
pretty funny desu
>>
>>57191848
Some of the default passwords are kind of funny. And you can tell some of the engineers were Chinese.
>>
If we did that Microsoft and Google would be out of business.
Thread posts: 50
Thread images: 7
Thread images: 7