DDoS Of Things -

Sean Lynch seanl at literati.org
Mon Sep 26 12:53:21 PDT 2016


On Sun, Sep 25, 2016 at 12:11 AM, Steve Kinney <admin at pilobilus.net> wrote:

> Maybe I'm going all Chicken Little here, maybe not.  But I think this
> development may be the closest thing to an Internet Armageddon we are
> likely to see in our lifetimes.
>
> http://arstechnica.com/security/2016/09/why-the-silencing-of-krebsonsecu
> rity-opens-a-troubling-chapter-for-the-net/
>
> =or=
>
> https://tinyurl.com/znzno7q
>
> How does thee patch that which is Unpatchable? DDOS now includes the
> death of a million ankle biters: Not just unpatchable, but massively
> distributed, with a continuing profit motive and no liability for the
> manufacturers, paid for and plugged in by hundreds of millions of
> "regular folks" throughout the so-called Developed Nations.
>
> So far every mitigation strategy relevant to "normal" users and use
> cases that occurs to me would be worse than the original problem.
>
>
The problem is that there's too much money to be made off of exploiting
these holes TODAY, so it's very unlikely this huge vulnerability is going
to be silently and slowly deployed and then suddenly mass-exploited,
leading to some IoT-ageddon. There will almost certainly be some large
happenings along the way, but those will in turn lead to the development of
mitigation strategies, improvements in security, etc.

Ironically, this is an advantage of Internet-dependent devices like Nest,
Echo, etc: they get updated directly, so the patch problem is solved,
though that just moves the problem around a bit. We need to not be
deploying devices that can't be patched except in very special cases.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2274 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20160926/e26ce77d/attachment.txt>


More information about the cypherpunks mailing list