Slashdot Mirror

← Back to Stories (view on slashdot.org)

Expanding Vulnerability of the Net

Posted by Cliff on from the social-changes-through-technology dept.

Rei asks: "The recent article by Jane's left me contemplative. The recent commercial trend seems to be to put everything online - from cellular phones to refrigerators to toasters. These devices have their software typically non-upgradable. An increased number of systems in a particular location, with increasingly diverse operating systems, with real-world effects, places an increased danger from crackers in the future. Imagine the effects of a script kiddie finding a way to extinguish a pilot light in a heater, or to cause a fire in a device like a toaster or coffee maker. And do sysadmins really have the time to do a firmware upgrade in all the air conditioners or elevators in a building, let alone virtually every mechanical device which industry sees fit to give an IP? Before the greatest physical damage that could be done was to flash a BIOS so the machine wouldn't boot. But now we have oncoming the capacity for much, much more. How will the world deal with it?" This has worried me for a while. More often than not, the drive to commercialize a new tecnology always comes before we've accurately predicted how it will effect us. So how will millions of potential network security holes affect us in future when everything is networked?

2 of 185 comments (clear)

  1. Embedded devices by Chemical+Serenity · · Score: 3
    I never understood the desire to put your coffee pot/armchair/lufa sponge on the net. What purpose do they serve? You have to get up and get the coffee anyways, why bother with having it hooked to your computer?

    The simple fact is this whole embedded appliance thing is a toy idea. Briefly interesting, of limited usefulness, and ultimately will be discarded as embedded devices start crashing left and right, or screwing up in a variety of entertaining and lethal ways.

    The only people making money in net-enabled appliances will be, IMO, the early entries marketing to those rampaging toy-driven geeks who'll pay top buck... although IANAEAM (I Am Not An Embedded Appliance Marketer).

    --
    rickf@transpect.SPAM-B-GONE.net (remove the SPAM-B-GONE bit)

    --
    "People will pay big bucks for the luxury of ignorance."
  2. My kitchen just crashed. by EdlinUser · · Score: 3

    MY KITCHEN JUST CRASHED
    ~~~~~~~~~~~~~~~~~~~~~~~~~

    TCI, The nation's largest cable television company, is in talks to launch a
    unique pilot project in conjunction with Pacific Gas & Electric Co. &
    Microsoft Corporation to design a "smart home". The home automation industry
    is expected to triple in size, from $1.7 billion this year to more than
    $5.1 billion by the year 2000.

    NOVENBER 28, 1995 - Moved in at last. Finally, we live in the smartest house
    in the neighborhood. Everything's networked. The cable TV is connected to our
    phone, whitch is connected to my PC, whitch is connected to the power lines,
    all the appliances and security system. Everything runs off a universal
    remote with the freindliest interface I've ever used. Programming is a snap.
    I'm like totally wired.

    NOVEMBER 30 - Hot stuff! Programmed my VCR from the office, turned up the
    thermostat and switched on the lights with the car phone, remotely tweaked
    the oven a few degrees for my pizza. Everythings nice and cozy when I arrived.
    Maybe I should have the universal remote surgically attached.

    DECEMBER 3 - Yesterday, the kitchen crashed. Freak event. As I opened the
    refridgerator door, the light blew. Immediately, everything else electrical
    shut down - lights, microwave, coffee maker - everything! Carefully,
    I unplugged and plaugged all the appliances back in. Nothing called the cable
    company (but not from the kitchen phone). The utility insists the problem was
    in the software. So the software company runs some remote telediagnostics via
    my house processor. Their expert system claims it has to be the utility's
    fault. I dont care. I just want my kitchen back. More remote diagnostics.
    Turns out the problem was "unanticipated failure mode". The network had never
    seen a refridgerator bulb failure while the door was open.
    So the fuzzy logic interpreted the burnout as a power surge and shut down the
    entire kitchen. But because sensor memory confirmed that there hadn't actually
    been a power surge, the kitchen's logic sequence was confused so it couldn't
    do a standard restart. The utility guy swears this had never happened.
    Rebooting the kitchen took over an hour.

    DECEMBER 7 - The police are not happy. Our house keeps calling them for help.
    We discover that whenever we play the TV or stereo above 25 desibels, it
    creates patterns of micro-vibrations that get amplified when they hit the
    window. When these vibrations mix with with a gust of wind, the security
    sensors are activated and the police computer concludes that someone is trying
    to break in. Go figure... Another glitch: whenever the basement is in
    self-diagnostic mode, the universal remote won't let me change the channels
    on my TV. That means I actually have to get up off the couch and change the
    TV channels by hand. The software and the utility people say this flaw will be
    fixed in the upgrade - Smarthouse 2.1 but it's not ready yet.

    DECEMBER 12 - This is a nightmare! Theres a virus in the house. My PC caught
    it while browsing the public access network. I come home and the living room
    is a sauna, the bedroom windows are covered with ice, and the reffridgerator
    has defrosted. The washing machine has flooded the basement, the garage door
    is cycling up and down, and the TV is stuck on the Home Shopping Channel.
    Throughout the house, lights flicker like strobescopes until they explode
    from the strain. Broken glass is everywhere. Of course the security sensors
    detect nothing. I look at the message slowly throbbing on my PC screen:
    "Welcome to Homewrecker!!! Now the fun begins. Be at ever so humble, Theres
    no virus like Homewrecker..." I get out of the house, FAST!

    DECEMBER 18 - They think Iv'e digtally disinfected the house but the place is
    in shambles. Pipes have bursts and we're not completely sure we've got that
    part of the virus that attacks toilets. Nevertheless, The Exorcists - as
    the anti-virus SWAT members like to call themselves - are confident the
    worst is over. "Homewrecker is pretty bad," one tells me, "but consider
    yourself lucky you didn't get Poltergiest. That one is really evil".

    DECEMBER 19 - apparently, our house isn't insured for viruses, "Fires and
    mud slides yes," says the claims adjuster, "Viruses, no". My agreement with
    the Smarthouse poeple explicitly states that all claims warranties are null,
    and void if any appliances or computer in my house networks in any way, shape,
    or form with a non-certified on-line services. Everybody's very sorry but they
    can't be axpected to anticipate every virus that may be created. We call our
    lawyer. He laughs. He's excited.

    DECEMBER 21 - I get a call from a Smarthouse sales rep. As a special holiday
    offer, we get the free oppertunity to become a beta site for the company's
    new Smarthouse 2.1 upgrade. He say's I'll be able to meet the programmers
    personally. "SURE!!!" I tell him.....

    ---aurthor unknown

    --
    1000 SlashDot sigs