-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/28/2016 01:31 PM, Sean Lynch wrote:
On Tue, Sep 27, 2016 at 8:50 PM, Steve Kinney <admin@pilobilus.net <mailto:admin@pilobilus.net>> wrote:
"Physical access is game over" so it may turn out that whoever owns the most Things wins after all.
Ownership of Things is not permanent, though. Maintaining a botnet is a neverending battle.
I need to understand Things better. It makes sense to me that one can buy or borrow a Thing, disassemble it in the hardware then the firmware sense, and options for taking over that whole family or series of Things should present themselves - hard coded back doors for vendor configuration updates or etc. should be quite common. What I don't understand is how one would go about identifying the right addresses to send bogus vendor patches or other exploit code to, without access to the vendor's own database of incoming pings from Things. MITM the vendor's connection and collect them as they pass? Send connection requests to Things at whole IP address ranges and see who answers? :o/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJX7AE0AAoJEECU6c5XzmuqxzgIANLdBECxP1KAvJPcm6sJXMgu 3rf9Da9lJ8sdBJAssINYXXpbpv8gtqx1RC/A8t7cQHoyR2gHBKQ1dHvWcN9aVHTQ ezVWwJpqJxW0m3o7NucEdzJTOkiGbFJ85dNFjMEW/k+6CzpJ2B+oKlfHIhV569P+ 5cM2eTVnRV/PLwNmR9LZaffS2y4smWlNuUPq537XAb4/B5oa77Gt46DNlHlHtQNe XFlrIcVj5T2rs6o+WBjwzS5F0q1mJX20k2Y9B1XJbSPZbzv4L3ASTlYd7Y7JLH5S qTvsTi8ALZSmRAdn1HnSOoQvl9RCgUjXwHtFj90+a9IyuX6E8bnr63fE0xs1Jjg= =qi85 -----END PGP SIGNATURE-----