[193627] in North American Network Operators' Group
Re: IoT security
daemon@ATHENA.MIT.EDU (William Herrin)
Thu Feb 9 03:39:20 2017
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <CAOZq8-j2X0TWEaKkO7q8YuAZ+p7hxNmmKCD6=TwnTEwh2RY0Cg@mail.gmail.com>
From: William Herrin <bill@herrin.us>
Date: Wed, 8 Feb 2017 11:40:25 -0500
To: Damian Menscher <menscher@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>, Rich Kulawiec <rsk@gsp.org>
Errors-To: nanog-bounces@nanog.org
On Wed, Feb 8, 2017 at 11:30 AM, Damian Menscher <menscher@gmail.com> wrote:
> On Wed, Feb 8, 2017 at 7:22 AM, William Herrin <bill@herrin.us> wrote:
>> On Wed, Feb 8, 2017 at 10:12 AM, Rich Kulawiec <rsk@gsp.org> wrote:
>> > We need to make it their problem.
>>
>> How?
>
>
> The devices are trivially compromised (just log in with the default root
> password). So here's a modest proposal: log in as root and brick the
> device.
Okay, so within the confines of lawful activity, how?
'Cause I'm guessing that coordinated criminal activity is going to be
a community non-starter. At least when it's this unambiguous. ;)
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
