


Ask Slashdot: Is My IoT Device Part of a Botnet?
As our DVRs, cameras, and routers join the Internet of Things, long-time Slashdot reader galgon wonders if he's already been compromised:
There have been a number of stories of IoT devices becoming part of botnets and being used in distributed denial of service attacks. If these devices are seemingly working correctly to the user, how would they ever know the device was compromised? Is there anything the average user can do to detect when they have a misbehaving device on their network?
I'm curious how many Slashdot readers are even using IoT devices -- so leave your best answers in the comments. How would you know if your IoT device is part of a botnet?
How do you know? (Score:5, Insightful)
If it's connected to the internet directly, and it has no built in security apart from "admin" "password", it's part of a botnet or soon will be.
Re:How do you know? (Score:5, Insightful)
- Is a default password that is the same for every device sold (these days a lot of equipment ships with unique random passwords)
- Isn't changed by the user during setup
- Can't be changed by the user. (What the hell, OpenElec?)
Re: (Score:3)
Openelec's entire file system is read only. Given the difficulty of installing something to the image when you want to, the potential for it to be easily and automatically owned by is very low.
Re:How do you know? (Score:5, Insightful)
Openelec's entire file system is read only. Given the difficulty of installing something to the image when you want to, the potential for it to be easily and automatically owned by is very low.
This is not a real thing...a device whose total storage capacity is read-only. Let's look at why.
One: if it's all read-only, it can't have a variable password...accounts and passwords need to be hardcoded, because there's no way to store new or changed account information.
Two: if it's at all configurable, you have the same problem: where do you store the configs?
Three: guess what else you can't have if your file system is read-only? Software updates.
Four: let's call a spade a spade here. A more accurate way to make the claim...regardless of how infeasible it would be for any device of significant functionality...is to say this: "Openelec's entire file system is meant to be read only." An innate characteristic of most security flaws is that they permit something that is not intended. It's important to not assume that intended functionality is inevitable and invulnerable. And in this case, that "read only" capability is nothing more than Linux permissions...it's not that the OS invariably is incapable of granting write permissions. In fact, all kinds of things are writing to the file system, I would bet...information about drive mounting, accounts, etc. The file system is not inherently read only.
Assuming that system behavior when used in its intended fashion is also what happens when someone breaks the rules is the root of most security failures.
And now, a citation, called "squashfs howto - make changes the read-only filesystem in OpenELEC"
https://sites.google.com/site/... [google.com]
Re:How do you know? (Score:5, Interesting)
That's the way things were in the 1970s and early 1980s, when RAM was incredibly expensive so the programming for most embedded systems was stored in ROM, using RAM only for operational data. I've only seen one modern embedded system function this way - you stored the OS on a SD card with the write-protect switch flipped, and used a second SD card for data storage.
Re: (Score:2)
Given the difficulty of installing something to the image when you want to, the potential for it to be easily and automatically owned by is very low.
Viruses and worms can run just fine from RAM. Discovery may be slow, but once you find a vulnerable system with a read only filesystem, you have it report its IP to a C&C node, then re-infect it whenever you need it.
Re: (Score:3)
It's possible to remount a file system with new permissions. See the details here:
https://www.gnu.org/software/l... [gnu.org]
Or to mount it in another folder with different permissions.
Or to directly access the partition under /dev/sda1.
To make a read-only file system work as expected you have to use a hardware way to prevent writing to the memory. For example NOR SPI flash memory usually has a write protection pin. Of course that pin must be protected against unwanted operation that could drive it. In that case you
Re:How do you know? (Score:4)
True, but more often than not it's derived from the MAC address (probably programmatically on boot with a defaulted config so they don't have to program each device in the factory) which is an absolutely horrible idea for WiFi enabled devices. If a (l)user sees an apparently random string of hex, conveniently also printed onto a sticker on the box so they don't have to remember it, it's a pretty safe bet that they are going to think it's secure and, quite possibly, not something they should change because that sticker looks important. Not a major problem for someone connecting over the Internet (although if they can ID the device make/model, they've got the OID and hugely reduced the brute force effort), but a serious issue if someone happens to be coming in over your WiFi and can connect directly.
ALWAYS change your default password, and the username too, if it'll let you.
Re: (Score:3)
I always change my username from root to AmyAcker ...
Re: (Score:3)
Anyone who thinks this is a password problem either doesn't have many IoT devices in their homes, or was into IoT at the very beginning, and doesn't know how current devices work. I have close to 30 IoT devices in my home and have only had to deal with a password once, and that was for a cloud-based lightbulb that is so old it's no longer made.
IoT devices for the home these days never expose the user to the password. They generally scan a QR code on the device itself or connect through a wireless connecti
Re: How do you know? (Score:5, Informative)
OpenELEC FAQ disagrees:
http://wiki.openelec.tv/index.... [openelec.tv]
What is the SSH login?
Shortcut: #SSH Login
Currently the login into OpenELEC has fixed settings.
Login: root
Password: openelec
How do I change the SSH password?
Shortcut: #SSH Password change
At the moment it's not possible to change the root password as it's held in a read-only filesystem. However, for the really security conscious advanced user, you can change the password if you build OpenELEC from source. Also you can consider logging in with ssh keys and disabling password logins.
Re:How do you know? (Score:5, Funny)
Just install Norton AV on it, and add McAfee to be sure. Then, even a botnet wouldn't want to anymore run on that device
Yeah, that's it! "Should I have run McAfee on my FirstAlert online smoke detectors?" you say to yourself as you gaze at the remains of your house.
Re:How do you know? (Score:5, Interesting)
Just install Norton AV on it, and add McAfee to be sure. Then, even a botnet wouldn't want to anymore run on that device
Yeah, that's it! "Should I have run McAfee on my FirstAlert online smoke detectors?" you say to yourself as you gaze at the remains of your house.
IoT or not, odd how you made me wonder if the smoke alarm itself has ever been the source of a fire...
I need coffee. It's too early for this.
Re: (Score:3)
Yes [allnight.com]
At least a few times it looks. [onsizzle.com]
Re: (Score:3)
If the software was written by a programmer who thought "We should have a built-in test system... maybe set an actual fire every 6 months and make sure we can detect it..." That's how testing works, right?
Re: (Score:2)
So, an infinitesimal fraction of them, since almost all would be behind a NAT router.
Re: (Score:3)
"If it's connected to the internet directly" So, an infinitesimal fraction of them, since almost all would be behind a NAT router.
IPv6 to the rescue! No NAT and even popular routers out there pass IPv6 without an SPI. (TP-Link Archer C7 would be one).
Speaking of, recommendations for a good router, anyone?
Re:How do you know? (Score:4, Insightful)
Recommendations? Take the C7 and install OpenWRT on it. Super easy to use, reliable, and capable of any firewalling you can dream up (including on IPv6). Plus then you have a nice graph to tell you how much bandwidth is in use and by which device. If you have a botnet participant in your network it will be obvious.
Re: (Score:3)
We'll wait and see how ISPs handle IPv6 when the time comes. There's no reason to believe it won't make matters worse.
Except the time has come, and the devices do have public IP's (router has a DHCPv6 /64 address, and doles out addresses in the same /64 range to devices behind it using SLAAC; this is Rogers in Canada)
Re: (Score:3)
Hint: IoT devices generally don't power down for months or years. Survival is maintained through propagation.
Re:How do you know? (Score:5, Insightful)
If it needs to connect to a subscription service outside your home it has the potential to become part of a bot net.
Can you trust your thermostat to not browse your files?
Re: (Score:2)
If it needs to connect to a subscription service outside your home it has the potential to become part of a bot net.
Can you trust your thermostat to not browse your files?
Guess that depends on the "required" app permissions, since that side of IoT is the part that is far more blatantly in the obtrusiveness of IoT.
Re:How do you know? (Score:4)
If it needs to connect to a subscription service outside your home it has the potential to become part of a bot net.
Can you trust your thermostat to not browse your files?
Guess that depends on the "required" app permissions, since that side of IoT is the part that is far more blatantly in the obtrusiveness of IoT.
Well if you have an SMB share, or some other unprotected share, what is to stop your thermostat from mounting it and looking at its contents? Unless you block your thermostat off of the rest of the network. Any device you have that can be controlled by a remote service could be compromised and controlled by anyone.
Re: (Score:2, Informative)
If you have an unprotected share and a compromised thermostat you have two problems, not one.
Re: (Score:2)
I'd be interested in a description of the ideal configuration for a home network that includes IoT devices.
Should I have multiple routers so that I "nest" my networks. So have one network "right off the Internet" for less secure things such as IoT and then have a more secure network as a sub-network to the IoT network? So the IoT network can't see anything in the sub-network but is also protected by whatever firewall settings I decide to set?
Re:How do you know? (Score:4, Interesting)
Can you trust your thermostat to not browse your files?
Nowadays, that is an amazingly valid question. Just a few short years ago, if you asked that question, you would have been __________. (fill in the blank)
Re: (Score:3)
Obviously there is no guarantee--there never is in these days of NSA-intercepted shipments, government-sponsored code changes, etc... There are plenty of steps you can take to minimize the risk of this happening though.
1. Use either Open Source software as your firewall platform (pfSense, m0n0wall, your own creation with pf or iptables, etc...), a firewall appliance based on open-source software that update frequently when vulnerabilities are disclosed (Mikrotik, Ubiquiti, etc...) or use enterprise-grade
Re: (Score:2)
If it's connected to the internet directly, and it has no built in security apart from "admin" "password", it's part of a botnet or soon will be.
In other words, no. Since no IoT devices are connected to the internet directly.
Re: (Score:2)
If it's connected to the internet directly, and it has no built in security apart from "admin" "password", it's part of a botnet or soon will be.
I agree....the answer is basically, "Yes, your IoT gadget is part of a botnet" or "Your IoT gadget is not part of a botnet yet".
The "average" consumer? Of course not. (Score:4, Insightful)
The "average" user has no idea and that's why they put IOT shit on their unsecured network in the first place, duh.
Re:The "average" consumer? Of course not. (Score:5, Insightful)
The "average" user has no idea and that's why they put IOT shit on their unsecured network in the first place, duh.
The average user has no idea that there is something like "IoT" and that it is in any way different from the rest of "the internet". All they know is that it is "smart" to have an app on your phone that can turn on the heating and tell you the fridge is empty, and a TV that seems to understand what you want to watch, or a smart meter that tells you (and the utility company) how much gas and electricity you use up to the last minute. They won't know or care about the security implications until it goes badly wrong.
Easy or free, pick one (Score:3, Interesting)
There are free tools you can use to monitor a network, but they might not be so easy for the average user. Just googling around, I found this solution that's designed to answer such questions [f-secure.com], but note it costs money. I've never seen it in action. One would hope that you get something user-friendly at such a price.
The other guy who said that if you can log in with "admin" as the userid and "password" as the password, or some other default login, that's spot-on. Botnet creators will probe for that, so at the very least change the userid and password before actually going live... or just do what I do and not have any IoT stuff.
Re: (Score:3)
Basically the only way to detect intrusions on these systems is to have A) a characterization of their nominal protocol behavior including bandwidth usage patterns, connection/disconnection behaviors and other such information in addition to the basic port/service stuff. B) Have a list of the cloud servers they normally contact under standard operation, and C) Have regular automatically installed updates for A) and B) as the owner of the device screws with firmware and/or CDN contracts or the CDN itself ma
Control and management (Score:3)
Though it doesn't seem to apply to home networks, how can you be an IT professional of any kind and NOT know what's coming into or going out of your network?
If nothing else, precisely because of things like this where your CCTV NVR or your thermostat could be hacked and doing whatever it likes. In fact, DDoS of someone else is the LEAST of your worries if someone is able to coax your devices into running arbitrary code on your local network.
Sorry, but this kind of thing needs management and there isn't a home router on this planet that does things like send you an email when a "new" device connects, or alerts you to unusual activity from your local network devices.
Re: (Score:2)
This could include almost every IP address you find in your logs. Do you know the IP address of every ancillary site that the web sites you visit make connections to while you're browsing their pages? The advertisement servers? Any image servers? The external sites for comments/discus
Re: (Score:2)
In case nobody is aware, a racist tangerine is threatening to take over the worlds largest nuclear arsenal.
Re: (Score:3)
how can you be an IT professional of any kind [...]
I'm not. I'm a software developer.
Re: (Score:2)
That isn't an excuse, as a software developer you are supposedly making such software that you think is getting hacked or spied on.
However more to the point being IT professional and even a good one doesn't mean you are able to manage all things "computer" equally well. I know I get frustrated at work when they give me a job that the system administrator or DBA normally should do. Not that I can't but because these are jobs that these people do all the time and have such processes in muscle memory while I
If you have to fill out cloudflare captchas (Score:2)
If you have to fill out cloudflare captchas when browsing, then maybe.
Finally a counter example (Score:5, Insightful)
Is this the long sought after counter-example to Betteridge's Law [wikipedia.org] where the response to a question mark is always "yes" ?
Re: (Score:2)
Just reword it to "Is my IoT device secure" and Betteridge's Law holds.
Re: (Score:3)
Probably not... When you consider that, for example, pretty much every TV sold now has smart features and yet the vast majority of TVs are not part of a botnet as far as we know. Ditto cars, many have some kind of connectivity now but are not infected.
The main reason for this is that it just doesn't make economic sense to target IoT devices. With Windows you have hundreds of millions of targets and easy access via malvertising and trojans. With an IoT device it's probably behind a firewall and only connects
Limit their bandwidth? (Score:4, Insightful)
Probably beyond the abilities of Joe Average, but you could use your router/firewall/whatever to limit the bandwidth of IoT devices on your network.
Most IoT devices seem to use very little bandwidth by design - they just send and receive simple status updates and commands - and they would be of much less value to a botnet operator if they were limited to, say, 5kbps.
How do I know my IoT devices are secure? (Score:2)
I built them myself.
Quite frankly, for nearly everything that is currently offered as a commercial IoT gimmick the answer to "is my IoT device part of a botnet" is "yes, or at least it can easily become soon".
Not used here (Score:3)
I still have to understand why people need to control everything from their smartphone, when there are simpler solutions that require much less of your precious free time to be implemented and used.
Re: (Score:2)
There are a surprising number of these "angry old man" rants on Slashies. We all get that the devices are insecure but, they're incredibly handy, and they will sweep the world. If you still want to keep your old TV with a dial on it for tuning, go right ahead, grandpa. The rest of us will be asking the air for a new show and don't much care if the world knows it.
Re: (Score:2)
"If you still want to keep your old TV with a dial on it for tuning, go right ahead, grandpa. The rest of us will be asking the air for a new show and don't much care if the world knows it.
And we will pwn your young asses. :-)
Re: (Score:2)
We all get that the devices are insecure but, they're incredibly handy, and they will sweep the world.
Yeah, and that's the problem, dumbass. They'll "sweep the world", and with it your credit cards, passwords, private photos, medical info, etc etc etc.
You know what else is "incredibly handy"? Crack cocaine. Try it sometime, it's amazingly handy. Don't worry about any pesky side effects, just focus on how damn handy it is.
Re: (Score:2)
Said by someone posting an internet comment. Your computer is a thing and is hooked to the internet. And most likely is setup to get network updates and at least you will get notifications about these updates.
Re: (Score:2)
I still have to understand why people need to control everything from their smartphone, when there are simpler solutions that require much less of your precious free time to be implemented and used.
IoT means more than just "control everything from your smartphone".
The only IoT device that I knowingly have is an IP camera in the room where our grandchildren sleep whenever they come over to stay. It is only switched on when they are with us.
It isn't controlled from a smartphone. It is accessed from one or more tablets. It is blocked from accessing the internet at my firewall. If there are firmware updates, I will download them and apply them manually, not that I expect that to happen before the sun grow
Re: (Score:2)
I don't use IoT, and I will never will. No need to share with external world room temperatures, door status or garden humidity.
Ha ha! You are wrong. I spent all last night watching your garden humidity level.
The future is coming. (Score:2)
And it's looking a bit like megaman battle network, where everything is networked and have a virus encounter every 10 steps.
The answer is "YES" (Score:2)
If you have a device connected to the internet, made by some startup or big company, who doesn't care about the security of user data.
What can go wrong will go wrong. Your device and/or data will get hacked.
If you are lucky, it will perhaps not happen to you, but don't count on it, so assume it's compromised, and therefore don't accept devices that are unnecessarily connected to the open internet.
So the obvious answer to the question if your connected device is compromised is "YES, it is compromised."
Probably (Score:2)
That's why I don't do IoT. My cellphone is the closest thing to IoT that I own and the only system that I don't control the software for.
Traffic analysis and management (Score:2)
Maybe you can throttle it: it'd be in the order of a few KBps and it'd be directed only towards a certain server.
Anything else could be an ongoing DDOS attack.
If all of this doesn't make any sense to you then, I'd suggest you to disconnect those tin cans.
Errrrm, analyse your traffic? ... Maybe? (Score:4, Informative)
Do you really want to know?
Then analyse your LAN traffic. Wireshark and Co. are your friends.
You're welcome. Captain Obvious was glad to help.
On a sidenote: (Score:2)
If you don't know what you're doing, you might want to steer clear of blackbox devices in your private LAN.
I personally wouldn't trust an IOThingie that I didn't build myself with a Raspberry Pi, Arduino or something.
Oh, and not being able to find out if your device is part of a botnet counts as 'not knowing what you're doing'.
My 2 Eurocents.
Is this all caused by UPnP? (Score:2)
Re: (Score:2)
NAT traversal is not needed as soon as you have ipv6 (no NAT, no traversal needed)
So no, this is not due to NAT traversal, it is due to security holes in IOT things.
Block rules in firewall (Score:2)
Block all IoT devices in the firewall from external communication.
If they don't work you have purchased an insecure device.
Find the device's online trail (Score:4, Informative)
Infected devices usually try to spread the infection further and their scanning attempts on the Internet are often observed. There is for instance a dedicated website for IoT devices attacking Telnet ports [turris.cz] or some more generic ones, such as the Internet Storm Center [sans.edu]. If the IP address of your device is on the list, it is very likely that you have a problem.
Run an intrusion detection system (Score:2)
It depends on how much effort you want to put into this. The best way to detect these kinds of weird behaviors is using an intrusion detection system/deep packet inspection at the router level. You can limit the damage they would do with a few firewall rules. As was mentioned, having an additional layer behind your internet router can slow people down and at least prevent people from harming your local network.
The problem is a lot of these IOT devices, is they can roam freely and some automatically connect
Is my IOT device part of a botnet? (Score:3, Funny)
Depends, have you plugged it in yet?
No need to turn it on, someone else will do that for you.
of course (Score:2)
I have IoT devices. Are they on any botnets? I don't know, I don't spend any time checking.
You can't however initiate a connection to them from the outside (no port forwarding) and uPnP has been disabled.
Still if the manufacturer has failed somehow, and they have been infected from the factory or when they phone home, they could be running nasty stuff.
Maybe not, but YOU are (Score:2)
While your IoT device may or may not be part of a botnet, the fact that you 'bought into' the nonsense idea that is the "Internet of Things" means that you, as a human, are psychologically part of a commercial-botnet where you can (apparently) be compelled to do dumb things on command.
Question (Score:2)
What Things need to be connected to the Internet ?
Re: (Score:2)
Fridges, Cars, light bulbs are obvious examples. They absolutely need to be connected in order to get hacked.
Like any leak (Score:2)
The same way you tell if you have a slowly-leaking toilet in your home: you stop using everything and look at the meter..
Simple solutions... (Score:2)
(a) Sniff your network traffic, looking for anything unusual coming from the device.
(b) Don't use IoT stuff.
Excellent question with no answer! (Score:5, Informative)
I have often wondered the answer to this question myself: how can I tell if a machine on my network is compromised?
So I set up a Linux box as my primary router, and monitored all the traffic going through the box, and holy crap, there is a lot of stuff.
Every time you hit a facebook web page, the javascript in there directs your browser to hit literally dozens of other web sites, and this is true of EVERY device in your house: your wife's laptop, your son's smartphone, your dog's water bowl. When you watch a video on Netflix video, the video player hits a dozen different servers at once, and those connections come and go constantly, old ones are closed, new ones opened to different servers throughout the world with all kinds of different names. And, of course a modern computer or smartphone uses all kinds of services: time services, location services, software updates, on and on and on.
It would be very difficult for a person to notice a low level bot doing something amiss. I have all the data, and I don't know how to do it.
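The per-device baseline idea raised in the comments above (expected cloud servers, ports and a bandwidth ceiling for each device, compared against what the router actually sees) can be sketched as follows. This is an added example, not code from any poster; the device names, log format, addresses and thresholds are constructed assumptions.

```python
"""Added example: check router flow records against a per-device baseline."""
from collections import defaultdict
from typing import NamedTuple

# Assumed baseline, built by observing each device while it behaves normally:
# the cloud servers it talks to, the ports it uses, and a bandwidth ceiling.
BASELINE = {
    "thermostat": {"dests": {"198.51.100.10"}, "ports": {123, 443}, "max_bps": 5_000},
    "camera": {"dests": {"198.51.100.20"}, "ports": {443}, "max_bps": 2_000_000},
}
WINDOW_S = 60      # size of each time bucket, in seconds
SCAN_FANOUT = 10   # new destinations per bucket that counts as scan-like

# Constructed sample log, one flow per line: epoch device dst_ip dst_port bytes
SAMPLE_LOG = "\n".join(
    [
        "# constructed sample, documentation-range addresses only",
        "1000 thermostat 198.51.100.10 443 1200",
        "1030 thermostat 198.51.100.10 123 90",
        "1200 camera 198.51.100.20 443 600000",
    ]
    # The camera contacts 12 unrelated hosts on the Telnet port in one minute.
    + [f"{1260 + i} camera 203.0.113.{i + 1} 23 60" for i in range(12)]
    + [
        "1320 thermostat 192.0.2.55 443 3000",
        "1380 thermostat 198.51.100.10 443 90000",
        "1440 toaster 198.51.100.30 443 500",
    ]
)


class Flow(NamedTuple):
    ts: int
    device: str
    dst: str
    port: int
    nbytes: int


def parse_flows(text):
    """Parse the whitespace-separated flow log, skipping blanks and comments."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, device, dst, port, nbytes = line.split()
        flows.append(Flow(int(ts), device, dst, int(port), int(nbytes)))
    return flows


def find_anomalies(flows, baseline=BASELINE, window=WINDOW_S, fanout=SCAN_FANOUT):
    """Return (device, window_start, kind, detail) for each deviation."""
    buckets = defaultdict(list)
    for f in flows:
        buckets[(f.device, f.ts - f.ts % window)].append(f)

    alerts = []
    for (device, start), group in sorted(buckets.items()):
        profile = baseline.get(device)
        if profile is None:
            # A device nobody profiled is itself worth a look.
            alerts.append((device, start, "unknown-device", f"{len(group)} flows"))
            continue
        new_dsts = {f.dst for f in group} - profile["dests"]
        new_ports = {f.port for f in group} - profile["ports"]
        bps = sum(f.nbytes for f in group) * 8 / window
        if len(new_dsts) >= fanout:
            # Many never-seen hosts at once looks like scanning, not cloud use.
            alerts.append((device, start, "fan-out", f"{len(new_dsts)} new destinations"))
        elif new_dsts:
            alerts.append((device, start, "new-destination", ", ".join(sorted(new_dsts))))
        if new_ports:
            alerts.append((device, start, "new-port", str(sorted(new_ports))))
        if bps > profile["max_bps"]:
            alerts.append((device, start, "rate", f"{bps:.0f} bps > {profile['max_bps']}"))
    return alerts


if __name__ == "__main__":
    for alert in find_anomalies(parse_flows(SAMPLE_LOG)):
        print(*alert, sep="\t")
```

In the constructed sample the camera's scanning window carries only 96 bps, far under its ceiling, so the fan-out and port checks are what catch it; a volume-only check would not.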
The real worry (Score:3)
I am more concerned about a cheap IoT device shipping with spyware from China pre-installed than I am about someone hacking into my network.
Re:Am A Noob Too (Score:5, Interesting)
Keep routers and access points separate, there's no need for them to be the same device...
Get a low power atom device to run something like pfsense, a cheap managed switch (the hp 1800 series are good and quiet), use any wireless ap as a dumb bridge so it doesn't need any routing capabilities.
Create separate VLANs for guests and other untrusted devices, you can connect to devices here via the firewall but don't allow any outbound connections from the network containing these devices.
Buy new wifi as/when (eg 802.11ac), add multiple access points to cover different areas if necessary (even in a small house, wifi doesn't travel well through floors) and link them together via ethernet. Use ethernet whenever possible, wifi is only for portable devices.
You can also set up a VPN so you can connect to your stuff from outside, having authenticated using both a certificate and a user/pass. Far less chance of compromise than some unknown black box device from China.
Re:Am A Noob Too (Score:5, Insightful)
> Keep routers and access points separate...
> low power atom device to run something like pfsense
> cheap managed switch
> wireless ap as a dumb bridge
> Create separate VLANs
Once you're done making this server room you describe, you'll be in the .0000001% of people qualified to run an IoT device, many of which are BORN malicious and sending pictures of your bedroom/front lawn/children to a central server in China, a decent number of which are fundamentally insecure with no possible way to change passwords or a default password they forgot (or "forgot") to strip out that you can't fix, and at least some of which will fail to work on a VLAN that can only see the outside internet (for some goddamned reason, they want to ping a router or something).
The short version is this: If you want your IoT devices to not be part of a botnet, DO NOT BUY ANY. Once you buy those components, you have to set them up. Then configure them. Then maintain them. And almost no one will jump through any of those hoops.
Re: (Score:2)
Where I do use IP devices (cameras, Philips Hue, etc), they go on a separate subnet that can talk to th
Re: (Score:2)
You're right that very very few people go to that effort but that's not because of any intense expertise or expense. I have a similar setup with OpenWRT routers and APs (multiple devices in different locations with different specialties) a managed switch, VLANs, etc. It's all (except the distributed APs) on a wire shelf in my basement next to my electrical panel. Super easy.
Re: (Score:2)
The short version is this: If you want your IoT devices to not be part of a botnet, DO NOT BUY ANY.
Bullshit. You need to explicitly DMZ your IoT device for it to be remotely Pwn4ble, That's not to say that your neighbor can't hack it, he absolutely can. But some random D-bag in Israel cannot (unless you live in Israel and are neighbor to a D-bag).
Re:Am A Noob Too (Score:5, Insightful)
Dude, I'm not a network technician but I've been putting computers together since the late 80s and have been running Linux OSs as my desktop OS for over a decade now...
And I couldn't set up the network you described without some serious googling.
How are we supposed to expect normal people to do it? Do routers come with VLAN set up out of the box, jailed so that it doesn't send data out of your network? Somehow I doubt it.
Normal people are screwed, until routers are set up to manage IoT networks by default.
And let's be real: Normal people aren't going to buy a separate access point if their router has Wifi built in.
Re: (Score:2)
Dude, I'm not a network technician but I've been putting computers together since the late 80s and have been running Linux OSs as my desktop OS for over a decade now...
And I couldn't set up the network you described without some serious googling.
How are we supposed to expect normal people to do it? Do routers come with VLAN set up out of the box, jailed so that it doesn't send data out of your network?
No, but most routers these days come with a configuration that allows you to define a DMZ segment, which would likely be even easier for the "average" consumer to at least try and learn how to set up.
Really, this is what is the crux of IoT security; simply firewall it off from your normal internal network where your other computing devices live. Doing this one step does mitigate quite a bit of risk to your other home devices, since there's probably not much you're going to be able to do to convince the man
Re: (Score:2)
Telling people to put their baby monitor in the DMZ is not going to solve any of their concerns and is also not going to keep them from being part of a botnet.
Most of the devices in their normal network aren't going to be quite so shittily secured by design. You want to protect your internal network from IoT devices, sure, but you really want to protect those IoT devices from the internet at large.
Re:Am A Noob Too (Score:4, Insightful)
"Think a non-network engineer can do or wants to do any of that stuff?"
Hell, I don't think most folks who could do that stuff have any desire to actually do it for their household gear ... and then deal with the inevitable breakdowns ... especially if some clownshow in Redmond or Shanghai is perpetually sending out broken automatic "firmware" updates to enhance security or "user experience".
Re: (Score:3)
Well, I had good intentions. I'm a network engineer, and I planned out my multi-segmented network so that my home IT (servers/computers) stuff was separated from my home infrastructure (security devices, smoke detectors, etc) and that the latter were walled off from the Internet. And I *plan* to make it all work correctly someday. But in the meantime... All I have implemented so far is separate SSIDs for kids and adults so that the kids are blocked from 24-hour/day Internet time wasting, and some firewal
Re: (Score:2)
VLANs are suggestions, not security. Devices are free to ignore them and many do.
Wish folks would stop suggesting VLANs like they are any thing more.
He was talking about managed switches, so he probably intended the VLANs to be enforced by the switch (and tagged per port) and not by the shady IoT device. The device is free to ignore them all it wants, but it's not seeing any packets from outside of that VLAN and its packets aren't going anywhere that isn't on the same VLAN.
Re: (Score:2)
I gave up trying to find a program to run on my PC (wired to router) that would let me see what is connected to my router. It better not be anything other than my phone, tablet, or PC. But I don't know.
Re: (Score:2)
Well for most devices the hardest part is connecting it to WiFi once that is set you are good to go.
I have had engineers getting completely frustrated at me because when I installed the app it was in the start menu and not an icon on the desktop. When I showed them where it was I was floored when they went "How the hell do you expect me to find it there!"
Re: (Score:2)
Well, that's how you know when you're dealing with a ``power user'' isn't it? When their desktop is completely filled with icons. Only newbies use the menus.
Re:log files (Score:5, Insightful)
If a person is intelligent enough to perceive the need for a device, obtain the device and install the device
They will perceive the "need" when a salesman or ad persuades them that they need it. They do not even need to be aware that the device will be part of the IoT, only that they "need" a toaster or whatever.
They will obtain the device by pulling out their wallet. (Soon it will become impossible to obtain anything else.)
They will install it by plugging it in (have you never installed a toaster before?).
I don't know where you think intelligence comes into it.
Re: (Score:2)
Checking traffic volume won't cut it anymore, you need to look for unusual traffic patterns. But a good start is to enable the f
Re: (Score:2)
If you're monitoring at the router level that'll probably give you some idea(as long as the log isn't overwritten). If you're using the tools provided by the ISP? I've seen 20-140GB differences in what they said I've used vs what I've actually used, including two cases where I was out of the country and somehow used 80GB with the modem unplugged. And there's no shortage of people on places like broadbandreports/dslreports [dslreports.com] having seen the same thing, whether it's some ISP in Europe, the US or Canada.