Surveillance Cameras Sold On Amazon Found Infected With Malware (zdnet.com)

← Back to Stories (view on slashdot.org)

Surveillance Cameras Sold On Amazon Found Infected With Malware (zdnet.com)

Posted by msmash on Monday April 11, 2016 @06:10AM from the why-is-the-red-light-still-on? dept.

An anonymous reader shares a report on ZDNet: Security researcher Mike Olsen has warned that some products sold through the Amazon marketplace are harboring a dark secret -- malware. Olsen said in a blog post that while scouring Amazon for a decent set of outdoor surveillance cameras for a friend, he came across a deal for 6 PoE cameras and recording equipment. The seller, Urban Security Group, had generally good reviews and was offering a particular Sony setup on sale. After purchasing the kit, Olsen started setting up the surveillance system, logging into the administrator panel to configure it. [...] Upon investigation, Olsen found that the device was talking to a server with hostname Brenz.pl, which is linked to malware distribution. If the device's firmware links to this domain, malware can be downloaded and installed, potentially leading to unlawful surveillance and data theft.Perhaps the company which made the device didn't realize its source code was compromised. While the aforementioned incident should serve as a reminder to people on why they need to be wary of the product they are purchasing, this isolated occurrence doesn't prove in any way that "plenty" of cameras on Amazon are also infected, as the article and the original blog post are subtly trying to imply.

78 comments

Min score:

Reason:

Sort:

Reasons why I don't like the Internet of Things. by Anonymous Coward · 2016-04-11 06:15 · Score: 2, Funny

Here's a list of reasons why I don't like the Internet of Things:
1) Internet of Things devices could watch me while I sleep.
2) Internet of Things devices could watch me while I pee.
3) Internet of Things devices could watch me while I make kaka.
4) Internet of Things devices could watch me while I pleasure myself.
5) Internet of Things devices could watch me while I wash my body in the shower.
6) Internet of Things devices could watch me while I relax in the tub.
7) Internet of Things devices could watch me while I brush my teeth.
8) Internet of Things devices could watch me while I make passionate love to my wife.
9) Internet of Things devices could watch me while I brush my hair.
10) Internet of Things devices could watch me while I read a book.
11) Internet of Things devices could watch me while I read Slashdot.
12) Internet of Things devices could watch me while I bake cake.
13) Internet of Things devices could watch me while I put in my contact lenses.
14) Internet of Things devices could watch me while I get ready to play golf.
15) Internet of Things devices could watch me while I do my laundry.
16) Internet of Things devices could watch me while I think about rugby.
17) Internet of Things devices could watch me while I tie my shoes.
18) Internet of Things devices could watch me while I celebrate the 4th of July.
19) Internet of Things devices could watch me while I water my flowers.
20) Internet of Things devices could watch me while I eat ham.
21) Internet of Things devices could watch me while I use my stapler to staple documents.
22) Internet of Things devices could watch me while I chew bubble gum.
23) Internet of Things devices could watch me while I check the oil in my car.
24) Internet of Things devices could watch me while I look for my TV remote.
25) Internet of Things devices could watch me while I blow my nose.
26) Internet of Things devices could watch me while I rearrange my stamp collection.
27) Internet of Things devices could watch me while I listen to the Backstreet Boys.
28) Internet of Things devices could watch me while I do my calisthenics.
29) Internet of Things devices could watch me while I search for a paper clip.
30) Internet of Things devices could send information about me to advertisers.
31) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I sleep.
32) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I pee.
33) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I make kaka.
34) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I pleasure myself.
35) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I wash my body in the shower.
36) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I relax in the tub.
37) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I brush my teeth.
38) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I make passionate love to my wife.
39) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I brush my hair.
40) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I read a book.
41) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I read Slashdot.
42) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I bake cake.
43) Internet of Things devices could let advertisers use the data unsuspectingly coll
made in china by Joe_Dragon · 2016-04-11 06:17 · Score: 1

made in china.
And there they can slip someone say $1000 to plant code on the system (that may be running on a unlicensed windows xp os) That is used to load the firmware on the systems.
1. Re:made in china by U2xhc2hkb3QgU3Vja3M · 2016-04-11 06:21 · Score: 4, Insightful
  
  If the CPU, flash/etc ICs are made in China then you can't trust made-in-not-China devices either.
2. Re:made in china by LWATCDR · 2016-04-11 06:22 · Score: 1
  
  That is why real companies have a secure boot loader and provide signed and encrypted images.
  The trick is getting the bootloader on and then having to deal with the end users that want to hack the device and put on custom firmware.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
3. Re:made in china by Joe_Dragon · 2016-04-11 06:25 · Score: 1
  
  and if they hack the loader at the factory that may just jtag or some other system to do the base load that does not need an signed image to load?
  or it shows up as an usb disk and there is auto run Malware that just copy's to it?
4. Re:made in china by LWATCDR · 2016-04-11 06:50 · Score: 3, Informative
  
  On MCUs you often have fuses that you can blow to prevents jtag. BTW that is a bear to test because you end up with at least a few bricked devices. If you are doing large numbers of devices you can often have the MCU maker provide the chips to your manufacture with the bootloader installed and the fuses blown.
  The downside to locking the bootloader like that is that the device is no longer hackable by the end user.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
5. Re: made in china by WarJolt · 2016-04-11 07:43 · Score: 1
  
  Don't be an alarmist. China doesn't fab that many flash chips and even if they did the most likely vector is at the programming stage. Embedding a vulnerable ROM in the flash or CPU would require significantly more technical sophistication. Not only would it need to be implemented at great cost, but it would also have to escape detection when someone tries to upgrade the software.
6. Re:made in china by Anonymous Coward · 2016-04-11 07:45 · Score: 0
  
  made in china.
  And there they can slip someone say $1000 to plant code on the system (that may be running on a unlicensed windows xp os) That is used to load the firmware on the systems.
  Hey, Yanks are just as open to bribes as the Chinese, it's the capitalist way.
7. Re:made in china by Anonymous Coward · 2016-04-11 08:06 · Score: 1
  
  That's Mr. Fuse to you. And keep blowing!
8. Re:made in china by Plus1Entropy · 2016-04-11 14:57 · Score: 1
  
  At my old company we used to provide basic firmware to the CM that would just test the hardware (i.e. push each button, verify that the screen says button was pressed). The devices would be wiped and flashed with the actual firmware in house.
  
  --
  Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
There's only one way to be sure by U2xhc2hkb3QgU3Vja3M · 2016-04-11 06:17 · Score: 1

No, what do you mean "nuke them from orbit"? WTF?
I'm saying that the only way to be sure these days is by using open-source software on single board computers, such as the Raspberry Pi. But even then, you need to trust all the ICs on the damn thing but at least there's only a few of them to test.
1. Re:There's only one way to be sure by Caesar+Tjalbo · 2016-04-11 06:56 · Score: 1
  
  So you trust your compiler. Interesting...
  
  --
  "I'm not much interested in interoperability. I want substitutability. I want to be able to throw your software out."
2. Re:There's only one way to be sure by U2xhc2hkb3QgU3Vja3M · 2016-04-11 07:01 · Score: 1
  
  Open-source compiler?
3. Re:There's only one way to be sure by by+(1706743) · 2016-04-11 07:48 · Score: 2
  
  But do you trust the compiler used to compile the compiler?
  
  Although I don't think, say, GCC has been "Ken Thompson hack infected," the attack a) has been used before, and b) illustrates broader principles of trust. https://news.ycombinator.com/i...
4. Re:There's only one way to be sure by Anonymous Coward · 2016-04-11 07:53 · Score: 0
  
  If you use a binary to compile your compiler, it may still have a backdoor even if one didn't exist in code.
5. Re:There's only one way to be sure by Plus1Entropy · 2016-04-11 14:49 · Score: 1
  
  It's compilers all the way down...
  
  --
  Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
Re:Reasons why I don't like the Internet of Things by U2xhc2hkb3QgU3Vja3M · 2016-04-11 06:20 · Score: 4, Funny

1) Internet of Things devices could do things I don't want them to.
FTFY.
Re:Reasons why I don't like the Internet of Things by Anonymous Coward · 2016-04-11 06:20 · Score: 0

Someone has to watch the watchers. No?
What? by Chmarr · 2016-04-11 06:21 · Score: 3, Insightful

An editorial comment that actually LESSENS the alarmism in the submission, rather than adding to it?
This is... nearly unheard of on slashdot! What is happening???
1. Re:What? by sinij · 2016-04-11 08:23 · Score: 1
  
  An editorial comment that actually LESSENS the alarmism in the submission, rather than adding to it?
  This is... nearly unheard of on slashdot! What is happening???
  Clearly, this new development is quite alarming.
2. Re:What? by Chmarr · 2016-04-11 10:08 · Score: 1
  
  It's doing me a frighten!
3. Re:What? by Anonymous Coward · 2016-04-11 13:52 · Score: 0
  
  Somebody threatened Amazon's reputation.
  Seriously, if you don't think Amazon and Google are systematically massaging Slashdot submissions, you must've been asleep for most of the past five years.
4. Re:What? by Chmarr · 2016-04-11 14:48 · Score: 1
  
  Yep. Sounds about right! :3
Where is my slashdot? by OzPeter · 2016-04-11 06:22 · Score: 1

How dare maniacs bring common sense and rational thinking into TFS! I want my old click bait slashdot back /s

While the aforementioned incident should serve as a reminder to people on why they need to be wary of the product they are purchasing, this isolated occurrence doesn't prove in any way that "plenty" of cameras on Amazon are also infected, as the article and the original blog post are subtly trying to imply.
The truth must be that he's a shill for the Urban Security Group. Yeah that's it, you insensitive clod. Net craft confirms it. So take your hot grits and a beowulf cluster of Natalie Portmans and let Soviet Russia shove you.

--
I am Slashdot. Are you Slashdot as well?
1. Re:Where is my slashdot? by OzPeter · 2016-04-11 06:24 · Score: 1
  
  Oops .. damn auto correct. That should be maniacs. On the other hand "maniacs" does fit just as well!
  And its 2016 for dogs sake. Why can't I edit my posts and correct stupid typos? And yeah I DO know all the arguments for and against. And the against ones are pretty weak sauce.
  
  --
  I am Slashdot. Are you Slashdot as well?
2. Re:Where is my slashdot? by JustAnotherOldGuy · 2016-04-11 07:56 · Score: 1
  
  Oops .. damn auto correct. That should be maniacs. On the other hand "maniacs" does fit just as well!
  And its 2016 for dogs sake. Why can't I edit my posts and correct stupid typos? And yeah I DO know all the arguments for and against. And the against ones are pretty weak sauce.
  Sing it, brother. I've been asking for this for a while, but as yet my dream is unfulfilled.
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
3. Re:Where is my slashdot? by Applehu+Akbar · 2016-04-11 08:27 · Score: 1
  
  "And its 2016 for dogs sake. Why can't I edit my posts and correct stupid typos?"
  Like every other site in the known universe. You can even edit posts on Salon.com .
4. Re:Where is my slashdot? by Anonymous Coward · 2016-04-11 09:23 · Score: 1
  
  Six cameras were bought. That is plenty.
Ain't Amazon Amazing... by mschwanke97402 · 2016-04-11 06:23 · Score: 2

I buy as much stuff off Amazon as anyone but I have learned one thing. Pay careful attention to who is actually selling the product. Amazon is full of brand-names you've never heard of (and might never again), ditto vendors. If it isn't a recognized name brand and sold by Amazon itself I don't buy it. More often lately, I am trying to be a lot less lazy and actually going to the various manufacturer or big-name vendor's web sites directly. With security camera systems there seems to be a lot of product on offer through 3rd parties rather than manufacturer direct.
1. Re:Ain't Amazon Amazing... by zenlessyank · 2016-04-11 07:03 · Score: 1
  
  Amazon is craigslist for strip center stores and off shore knock-off dumpers. I have to be hard up to look at Amazon for anything. I have to already looked EVERY where else first. Usually just for strange parts that can't be located locally. I would never buy electronics from Amazon. There are too many reputable places to take that risk.
2. Re:Ain't Amazon Amazing... by zenlessyank · 2016-04-11 07:05 · Score: 1
  
  ** have to have already looked ...... grrrr
3. Re:Ain't Amazon Amazing... by Plus1Entropy · 2016-04-11 15:01 · Score: 1
  
  Wasn't such a big deal when Amazon just sold books. Do you think they put malware on my Game of Thrones Blu-Rays?! The horror!
  
  --
  Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
surprising by Anonymous Coward · 2016-04-11 06:23 · Score: 1

Just a quick google on the brenz.pl domain and I see that its been tied to malware distribution since 2009! What the hell does it take to get that domain yanked off the Internet? Is Poland a haven for malware creators?
ALL chips are made by Chinese by ole_timer · 2016-04-11 06:26 · Score: 1

As in ALL.

--
nothing to see here - move along
1. Re:ALL chips are made by Chinese by twotacocombo · 2016-04-11 07:03 · Score: 1
  
  As in ALL.
  https://en.wikipedia.org/wiki/...
  Except for those that aren't.
2. Re: ALL chips are made by Chinese by Anonymous Coward · 2016-04-11 10:24 · Score: 0
  
  Damn there is a lot in Texas. So how much do you trust illegal immigrants?
3. Re:ALL chips are made by Chinese by ole_timer · 2016-04-11 23:40 · Score: 1
  
  Note they give start dates, but not end dates. Note that I said made by Chinese, but I did not incorrectly say in China.
  
  --
  nothing to see here - move along
Re:That's because they're LUDDITE cameras! by Anonymous Coward · 2016-04-11 06:26 · Score: 0

I've always wanted to know: what if the app appers aren't modern? What if they are, say, 60 years old?
Re:who cares by Anonymous Coward · 2016-04-11 06:32 · Score: 0

This.
Slashdot has become SJW Weekly
Capcha: begging
Not a new story, just an Amazon warning by Freshly+Exhumed · 2016-04-11 06:38 · Score: 2

Krebs and others have been talking about these kinds of Chinese surveillance products for awhile: https://news.slashdot.org/stor...
Here's another: http://news.softpedia.com/news...
The catch with *this* story is that it is about a product available through Amazon. That's it, in a nutshell.

--
I deny that I have not avoided attaining the opposite of that which I do not want.
Re:Reasons why I don't like the Internet of Things by toonces33 · 2016-04-11 06:41 · Score: 3, Funny

But what about the Internet of Thongs?
I guess that already exists - I bet all you need to do is search for it.
problem is the marketplace by Anonymous Coward · 2016-04-11 06:47 · Score: 0

anyone can set up shop on amazon marketplace. no surprise that products sold by a third party merchant are tainted.
Sony? by 110010001000 · 2016-04-11 06:57 · Score: 1

WTF does this have to do with Sony? That isn't a "Sony setup"
1. Re:Sony? by Anonymous Coward · 2016-04-11 07:17 · Score: 0
  
  A lame guilt by associated attempt, that's why.
  Seeing as this precise issue is over a month old, it's another example of shitty /. editors not bothering to spend one minute of research. Why?
  It's not even a "report" as suggested, merely a blog post picked up by zdnet. Chrome even warns you about the dodgy domain - which has already been shut down - makes the whole thing even more pathetic. It's just another failure by the new /. owners desperately trying pander to their partners.
Re:who cares by TWX · 2016-04-11 06:58 · Score: 1

This is news for nerds because first, it took a nerd to find it (most people don't have the ability to check where a device is attempting to open ports to) and because it's more news of a pre-hacked piece of equipment that most people would trust to be secure out-of-the-box from arguably the largest retailer in the world. If this was fulfilled by Amazon then it's more evidence that Amazon needs to do more quality control when they agree to stock something. They need at least SQCs and if it's widespread enough, SQEs to do this kind of random-lot testing.

--
Do not look into laser with remaining eye.
Editors doing their job? by carvalhao · 2016-04-11 07:02 · Score: 1

An editor actually trying to defuse a potentially mediatic, attention grabbing, clickbaiting article and being reasonable? Just checked, it's really Slashdot... Mind, blown! (Irony aside, great work!)
Re:who cares by 110010001000 · 2016-04-11 07:04 · Score: 1

You must be kidding. Amazon sells millions of products. They aren't going to test them out for you. Plus: woooossshh
you want cheap, you get cheap by known_coward_69 · 2016-04-11 07:13 · Score: 1

half the crap on amazon isn't sold by amazon but by no name fly by night operations or direct from china. be wary of buying anything on the internet but then this is how name brands got started almost 100 years ago and stupid millenials are figuring it all out again
"Security Researcher" by Anonymous Coward · 2016-04-11 07:14 · Score: 0

I love how Mike Olsen is termed as a "security researcher", rather than some guy that does PR for Symantec. Anybody can become a self-proclaimed "security researcher" these days - all you need is a blog and a press release, apparently.
1. Re:"Security Researcher" by bobbutts · 2016-04-11 08:31 · Score: 1
  
  Correct. For bonus points you can create a linked in page and various other bogus crap so people who take 30 seconds to "vet" you via google search will be satisfied.
SubjectIsSubject by p0p0 · 2016-04-11 07:50 · Score: 1

Funny enough, I was just looking around Amazon Canada for a cheap IP camera. There are lots of $40-$50 cameras and not a single one comes from a company I've ever heard of and they all seem to require some sort of account to view the stream. I just want one I can watch from my laptop with only local access.

I remembered about hearing about sketchy IoT devices, especially cameras and it's just not worth the risks. Most have no reviews or 1 or 2 reviews from someone with very poor English (hmmmm).
Even the "brand name" ones seem pretty sketchy and I don't really trust DLINK anymore than Foscam or JOOAN, whoever they are.

I could just be clever and fabricoble one from an Raspberri Pi or an Arduino or something but that's still not really worth the cost + time.
1. Re:SubjectIsSubject by expert464 · 2016-04-11 09:53 · Score: 1
  
  You're not alone! Your story sounds EXACTLY what I was doing last week. I was mostly concerned with support for the camera being dropped after hearing about Google shutting off a product last week. I even doubt this WiFi thermostat I got a month ago will be supported in 5+ years time. I decided to bite the bullet and order a Raspberry Pi 3 along with the Camera module and try my hand at using one of the many online tutorials.
2. Re:SubjectIsSubject by worf_mo · 2016-04-11 10:43 · Score: 2
  
  I have set up a few of these (Raspberry Pi 2 Model B with the camera module), and they work quite well and reliable.
  You may want to install mjpg-streamer, which can be used to stream JPEG files over an IP-based network. That alone will already allow you to watch the camera's images as a stream over the local network. Make sure you limit access either by using mjpg-streamer's settings or by setting up a firewall/iptables.
  You can then install motionEye, which is a web-based frontend for motion. There you can set up a number of IP cameras and define when and where you want the streams to be recorded. For example record camera1 between 22h and 06h, record camera2 whenever motion is detected, 24/7.
  You can connect one camera module to each Raspberry, and a motionEye setup can - depending on the hardware it is installed on - support multiple cameras.
  To the GP: It's true, the cost is slightly higher than going with a cheap IP cam, but the hardware can be used for other services, too. The video stream stays local (unless you open up your router or connect via VPN), and you are not depending on a 3rd party, which may or may not be available next year. The setup is straightforward and doesn't take much time.
  I wouldn't use this solution in a professional environment, but it is more than enough to keep an eye on my garage, should the bastard who stole my bike ever decide to give it a second try.
3. Re:SubjectIsSubject by Kant_resistor · 2016-04-11 10:56 · Score: 1
  
  Not that I want to go down this road, but I had the same experience, and finally settled on this one: Sharx Security, made in New Hampshire, my adoptive state. Nice people, at least so far. They actually answered my email within an hour. They sent me a custom firmware that does not even ping 8.8.8.8 to find out if it is "properly connected." And yes, it was deployed in its own VLAN--I just didn't want clutter in the pfSense logs.
4. Re:SubjectIsSubject by p0p0 · 2016-04-11 13:14 · Score: 1
  
  That's a lot of good info. Thanks.
5. Re:SubjectIsSubject by KGIII · 2016-04-12 01:48 · Score: 1
  
  A friend of mine uses a bunch of old cell phones and a "universal" car mount to hold them in place. They work reasonably well for him. I bought my system and did my own installation but they were significantly more than $40 each. I get to view my own streams. In fact, unless the data request comes from a specific IP address, the streams can't be viewed by anyone else.
  
  --
  "So long and thanks for all the fish."
Network separation? by Nethead · 2016-04-11 07:52 · Score: 4, Insightful

Why would you actually hook these up to a network that has Internet access? Of course you make a separate VLAN or network for your "security" devices and other monitoring, ^H^H^H^H^H IoT devices that can only talk to preapproved connections. That is what a firewall is for.

--
-- I have a private email server in my basement.
1. Re:Network separation? by Joe_Dragon · 2016-04-11 08:04 · Score: 1
  
  what about the server / dvr? That may need the web for updates / drm / maybe some kind of vender run system where you don't need an fixed IP to get to from the outside?
2. Re:Network separation? by Nethead · 2016-04-11 08:25 · Score: 1
  
  Then only allow those addresses.
  
  --
  -- I have a private email server in my basement.
3. Re:Network separation? by Sadsfae · 2016-04-11 10:00 · Score: 2
  
  Why would you actually hook these up to a network that has Internet access? Of course you make a separate VLAN or network for your "security" devices and other monitoring, ^H^H^H^H^H IoT devices that can only talk to preapproved connections. That is what a firewall is for.
  I put all my untrusted, sketchy IoT devices on their own isolated VLAN via Tomato "Shibby" firmware on an ASUS router. It's fairly trivial to do and worth the effort so they at least can't attack your internal trusted networks. You can also whitelist outbound traffic for an added level of protection.
  
  --
  Have a squat over at the hobo house.
4. Re:Network separation? by Nethead · 2016-04-11 10:42 · Score: 1
  
  Nice write up.
  
  --
  -- I have a private email server in my basement.
Re:Reasons why I don't like the Internet of Things by whoever57 · 2016-04-11 08:04 · Score: 1

Rule 34 says it exists.

--
The real "Libtards" are the Libertarians!
Software challenge by Applehu+Akbar · 2016-04-11 08:24 · Score: 1

Devise a generally applicable antivirus for IoT devices.
Undoubtedly any such software would be OS-specific, which would quickly lead to pressure to standardize the operating systems on these devices.
Fulfilled by Amazon a sign of anything? by swb · 2016-04-11 09:02 · Score: 1

I usually filter by "Amazon Prime" which cuts out a lot of the weird third party sellers. I have noticed this does get you a certain amount of "Sold by Acme Widgets, fulfilled by Amazon".
My assumption is that if the product is some kind of actual brand name you might find somewhere besides Amazon and the fulfillment is by Amazon, the "seller" part is some kind of electronic arbitrage and the product itself is the same thing you might get if you bought it from Amazon as the seller.
It's like the "seller" bought the stuff on paper and is willing to sell it for an even smaller margin than Amazon and in reality it's all the same SKU on the same shelf in their warehouse and the next unit in line to be shipped someplace could be sold by either Amazon or the third party seller.
Is this at all accurate? Or is it possible to set yourself up as an Amazon seller, buy counterfeit crap from China and just funnel it through Amazon's logistics chain to buy that thin veneer of respectability?
Re:Reasons why I don't like the Internet of Things by Anonymous Coward · 2016-04-11 09:36 · Score: 0

I wish slashdot's servers would automatically ban any IP address that tries to post this fucking spam that shows up every goddamn time there's a story like this. Even a 24 hour ban would get the point across.
Classic Sony by The_Revelation · 2016-04-11 11:01 · Score: 1

Sony: Malwares Are Okay, Because No One Knows What They Are
We need the complete set of sources for hardware!! by Anonymous Coward · 2016-04-11 12:01 · Score: 0

No excuses. It's the baseline foundation we should have for security. It's not security in and of itself, but it is a quintessential part you can't be without to use the word 'security' in describing a product.
Re:Reasons why I don't like the Internet of Things by Plus1Entropy · 2016-04-11 14:51 · Score: 1

Can someone tell me where this meme came from? I obviously missed it's inception and google is failing me...

--
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
Does not worry me by netsys · 2016-04-11 15:15 · Score: 1

I assume that all cameras from China a spying on me, does not bother me though they are on a specially setup vlan and cannot get on the internet.
Re:Reasons why I don't like the Internet of Things by OolimPhon · 2016-04-11 21:16 · Score: 1

It probably fell out the back end of a cow.
Re:Reasons why I don't like the Internet of Things by GNious · 2016-04-12 00:06 · Score: 1

34) Internet of Things devices could let advertisers use the data unsuspectingly collected about me while I pleasure myself.
Is this the NSA via CERT? by JoelEmmett · 2016-04-12 06:59 · Score: 1

The domain is registered to CERT's Polish subsidiary...???
1. Re:Is this the NSA via CERT? by Anonymous Coward · 2016-04-12 12:33 · Score: 0
  
  nope, CERT apparently took over the domain, to tackle down the malware