Category Archives: internetofthings

Hacking Password-Protected Computers via the USB Port

Posted on by

PoisonTap is an impressive hacking tool that can compromise computers via the USB port, even when they are password-protected. What’s interesting is the chain of vulnerabilities the tool exploits. No individual vulnerability is a problem, but together they create a big problem. Kamkar’s trick works by chaining together a long, complex series of seemingly innocuous software security oversights that only… Continue reading Hacking Password-Protected Computers via the USB Port

Regulation of the Internet of Things

Posted on by

Late last month, popular websites like Twitter, Pinterest, Reddit and PayPal went down for most of a day. The distributed denial-of-service attack that caused the outages, and the vulnerabilities that made the attack possible, was as much a failure of market and policy as it was of technology. If we want to secure our increasingly computerized and connected world, we… Continue reading Regulation of the Internet of Things

Self-Propagating Smart Light Bulb Worm

Posted on by

This is exactly the sort of Internet-of-Things attack that has me worried: "IoT Goes Nuclear: Creating a ZigBee Chain Reaction" by Eyal Ronen, Colin OFlynn, Adi Shamir and Achi-Or Weingarten. Abstract: Within the next few years, billions of IoT devices will densely populate our cities. In this paper we describe a new type of threat in which adjacent IoT devices… Continue reading Self-Propagating Smart Light Bulb Worm

Lessons From the Dyn DDoS Attack

Posted on by

A week ago Friday, someone took down numerous popular websites in a massive distributed denial-of-service (DDoS) attack against the domain name provider Dyn. DDoS attacks are neither new nor sophisticated. The attacker sends a massive amount of traffic, causing the victim’s system to slow to a crawl and eventually crash. There are more or less clever variants, but basically, it’s… Continue reading Lessons From the Dyn DDoS Attack

DDoS Attacks against Dyn

Posted on by

Yesterday’s DDoS attacks against Dyn are being reported everywhere. I have received a gazillion press requests, but I am traveling in Australia and Asia and have had to decline most of them. That’s okay, really, because we don’t know anything much of anything about the attacks. If I had to guess, though, I don’t think it’s China. I think it’s… Continue reading DDoS Attacks against Dyn

Security Lessons from a Power Saw

Posted on by

Lance Spitzner looks at the safety features of a power saw and tries to apply them to Internet security: By the way, here are some of the key safety features that are built into the DeWalt Mitre Saw. Notice in all three of these the human does not have to do anything special, just use the device. This is how… Continue reading Security Lessons from a Power Saw

Security Economics of the Internet of Things

Posted on by

Brian Krebs is a popular reporter on the cybersecurity beat. He regularly exposes cybercriminals and their tactics, and consequently is regularly a target of their ire. Last month, he wrote about an online attack-for-hire service that resulted in the arrest of the two proprietors. In the aftermath, his site was taken down by a massive DDoS attack. In many ways,… Continue reading Security Economics of the Internet of Things

Hacking Your Computer Monitor

Posted on by

Here’s an interesting hack against a computer’s monitor: A group of researchers has found a way to hack directly into the tiny computer that controls your monitor without getting into your actual computer, and both see the pixels displayed on the monitor — effectively spying on you — and also manipulate the pixels to display different images. I’ve written a… Continue reading Hacking Your Computer Monitor