Overclock.net › Forums › Industry News › Technology and Science News › [BBC / Ars] Whole internet probed for insecure devices
New Posts  All Forums:Forum Nav:

[BBC / Ars] Whole internet probed for insecure devices

post #1 of 16
Thread Starter 
Quote:
Originally Posted by BBC Article 
The scan found half a million printers, more than one million webcams and lots of other devices, including set-top boxes and modems, that still used the password installed in the factory, letting almost anyone take over that piece of hardware. Often the password was an easy to guess word such as "root" or "admin".

BBC Source
Ars Source


Kind of shows that manufacturers really should start putting individual pass codes on each piece of their equipment.
Main
(21 items)
 
HTPC
(10 items)
 
 
CPUMotherboardGraphicsRAM
i5 2550k P8P67 Pro Sapphire HD 7950 G.Skill RipJaws X 1600 Cas 9 
Hard DriveHard DriveHard DriveCooling
Corsair Force 120 WD Blue 500GB WD Caviar Green 1TB XSPC RayStorm 
CoolingCoolingCoolingCooling
RX240 MCR 220 EK 7950 Copper Acetal  DDC-1T 
OSMonitorMonitorKeyboard
Windows 7 64-bit Dell U2311H Oculus Rift DK2 Ducky Shine 3 MX Brown 
PowerCaseMouseAudio
Corsair TX 750W CoolerMaster CM690 II G500 Klipsch ProMedia 2.1 
Audio
Asus Xonar DX 
CPUMotherboardRAMHard Drive
A10-6800K Gigabyte GA-F2A85XN-WIFI G Skill 1600 CAS9 Kingston SSD Now 60GB 
Hard DriveOptical DriveCoolingOS
WD Caviar Blue 1TB LG Slim Blu-Ray player Silverstone NT06-PRO  Widows 7 Home Premium 
PowerCase
Silverstone Sfx Series ST45SF 450W Silverstone SG05 
  hide details  
Reply
Main
(21 items)
 
HTPC
(10 items)
 
 
CPUMotherboardGraphicsRAM
i5 2550k P8P67 Pro Sapphire HD 7950 G.Skill RipJaws X 1600 Cas 9 
Hard DriveHard DriveHard DriveCooling
Corsair Force 120 WD Blue 500GB WD Caviar Green 1TB XSPC RayStorm 
CoolingCoolingCoolingCooling
RX240 MCR 220 EK 7950 Copper Acetal  DDC-1T 
OSMonitorMonitorKeyboard
Windows 7 64-bit Dell U2311H Oculus Rift DK2 Ducky Shine 3 MX Brown 
PowerCaseMouseAudio
Corsair TX 750W CoolerMaster CM690 II G500 Klipsch ProMedia 2.1 
Audio
Asus Xonar DX 
CPUMotherboardRAMHard Drive
A10-6800K Gigabyte GA-F2A85XN-WIFI G Skill 1600 CAS9 Kingston SSD Now 60GB 
Hard DriveOptical DriveCoolingOS
WD Caviar Blue 1TB LG Slim Blu-Ray player Silverstone NT06-PRO  Widows 7 Home Premium 
PowerCase
Silverstone Sfx Series ST45SF 450W Silverstone SG05 
  hide details  
Reply
post #2 of 16
Quote:
Originally Posted by GingerJohn View Post

BBC Source
Ars Source


Kind of shows that manufacturers really should start putting individual pass codes on each piece of their equipment.

Why? You can't fix stupid. This would be extremely cost prohibitive for these companies, with little to no benefit.
IVB-E Waiting
(17 items)
 
  
CPUMotherboardGraphicsRAM
Intel 3770K ASRock Z77 Extreme4 EVGA GTX 670 G. Skill 
Hard DriveHard DriveOptical DriveCooling
Corsair Force 3 Seagate 7200.14 Pioneer BCD-202 Liquid Cooling (Water + Kill Coil + UltraViolet... 
OSMonitorKeyboardPower
Windows 7 Professional x64 Yamakasi Catleap 27' 2560x1440 Razer Tarantula CoolerMasters GOLD 1000W 
CaseMouseMouse PadAudio
ThermalTake Logitech G500 None Yamah 5.1 Surround Sound DDII + DTS 
Audio
Logitech G930 
  hide details  
Reply
IVB-E Waiting
(17 items)
 
  
CPUMotherboardGraphicsRAM
Intel 3770K ASRock Z77 Extreme4 EVGA GTX 670 G. Skill 
Hard DriveHard DriveOptical DriveCooling
Corsair Force 3 Seagate 7200.14 Pioneer BCD-202 Liquid Cooling (Water + Kill Coil + UltraViolet... 
OSMonitorKeyboardPower
Windows 7 Professional x64 Yamakasi Catleap 27' 2560x1440 Razer Tarantula CoolerMasters GOLD 1000W 
CaseMouseMouse PadAudio
ThermalTake Logitech G500 None Yamah 5.1 Surround Sound DDII + DTS 
Audio
Logitech G930 
  hide details  
Reply
post #3 of 16
OMG my printer's hacked. Now I gotta push the reset button. rolleyes.gif
The Mad Cow
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz Gigabyte H61M-S2H HIS Radeon HD 6670 Kingston 8GB (2 x 4GB) 240-Pin DDR3 SDRAM DDR3 ... 
Hard DriveOptical DriveCoolingOS
Western Digital Caviar Blue Samsung/Hitachi something or other assortment of leftovers from old systems hot-gl... Xubuntu 15.04 
MonitorKeyboardPowerCase
Sony whatevs Logitech K400 Thermaltake Smart650 Hand-me-down Gateway case 
MouseMouse PadAudioOther
Can you believe I got it at a gas station? worth more than the software it came with. Sup... JVC XX in-ears Logitech f310 
  hide details  
Reply
The Mad Cow
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz Gigabyte H61M-S2H HIS Radeon HD 6670 Kingston 8GB (2 x 4GB) 240-Pin DDR3 SDRAM DDR3 ... 
Hard DriveOptical DriveCoolingOS
Western Digital Caviar Blue Samsung/Hitachi something or other assortment of leftovers from old systems hot-gl... Xubuntu 15.04 
MonitorKeyboardPowerCase
Sony whatevs Logitech K400 Thermaltake Smart650 Hand-me-down Gateway case 
MouseMouse PadAudioOther
Can you believe I got it at a gas station? worth more than the software it came with. Sup... JVC XX in-ears Logitech f310 
  hide details  
Reply
post #4 of 16
New form of spam advertising: Your printer starts spewing out ads sent by a hacker!
Flow
(14 items)
 
  
CPUMotherboardGraphicsRAM
3770k Sabertooth Z77 EVGA 680 GTX 16 Gb DDR3-1600 
Hard DriveCoolingOSMonitor
256 GB SSD + 2TB Noctua D-14 Windows 7 Pro x64 u3011 
PowerCaseMouse
Corsair 750w Lian Li PC-9F CM Spawn 
  hide details  
Reply
Flow
(14 items)
 
  
CPUMotherboardGraphicsRAM
3770k Sabertooth Z77 EVGA 680 GTX 16 Gb DDR3-1600 
Hard DriveCoolingOSMonitor
256 GB SSD + 2TB Noctua D-14 Windows 7 Pro x64 u3011 
PowerCaseMouse
Corsair 750w Lian Li PC-9F CM Spawn 
  hide details  
Reply
post #5 of 16
One of the things I found interesting is the device passwords. The botnet specifically tried to access devices on each machine.


Now, I am not the smartest cookie, but I am certainly not the dumbest. I just went through everything I could trying to find the hardware password for my webcam. Guess what? There isn't one.
 
4th time
(18 items)
 
3rd time
(11 items)
 
CPUMotherboardGraphicsRAM
5820k ASrock x99 Fatal1ty professional Gigabyte 1080 ti Corsair Vengeance DDR4 CAS 15 32GB 
Hard DriveCoolingOSMonitor
Samsung EVO 850 1TB SSD Corsair 110i GTX Microsoft Windows 10 Professional Acer 24 inch IPS 
MonitorMonitorMonitorKeyboard
Acer 24 inch IPS Acer 24 inch IPS Samsung 40 inch Corsair Strafe RGB MX cherry blue 
PowerCaseMouseMouse Pad
Corsair HX1000i Corsair Air 540 Corsair M65 RGB  Razer Manticor  
CPUMotherboardGraphicsRAM
i7 2600k ASROCK Fatal1ty p67 EVGA GTX 980 SC 16380 MBMBDDR3-SDRAM (Gskill) 1600mhz 
Hard DriveHard DriveCoolingOS
Samsung HD103SJ x 2 Samsung 850 EVO  Corsair H100i Windows 10 Professional 
MonitorMonitorMonitorMonitor
Samsung - LN40D550 - 40" LCD TV - 1080p ACER R240HY ACER R240HY ACER R240HY 
KeyboardPowerCaseMouse
razer black widow Corsair TX850 Coolermaster HAF 932 CM Storm Recon 
CPUMotherboardGraphicsRAM
955 MSI 870S-G54 2 x 6850 HIS IceQ-x 8 Gigabytes Gskill 1600 
Hard DriveCoolingOSMonitor
Samsung F3 1TB zalman 90mm Windows Ultimate x64 LG 47'  
MonitorPowerCase
Vizio 37' E370L  OCZ Modstream 700W Logisys CS888CL 
  hide details  
Reply
 
4th time
(18 items)
 
3rd time
(11 items)
 
CPUMotherboardGraphicsRAM
5820k ASrock x99 Fatal1ty professional Gigabyte 1080 ti Corsair Vengeance DDR4 CAS 15 32GB 
Hard DriveCoolingOSMonitor
Samsung EVO 850 1TB SSD Corsair 110i GTX Microsoft Windows 10 Professional Acer 24 inch IPS 
MonitorMonitorMonitorKeyboard
Acer 24 inch IPS Acer 24 inch IPS Samsung 40 inch Corsair Strafe RGB MX cherry blue 
PowerCaseMouseMouse Pad
Corsair HX1000i Corsair Air 540 Corsair M65 RGB  Razer Manticor  
CPUMotherboardGraphicsRAM
i7 2600k ASROCK Fatal1ty p67 EVGA GTX 980 SC 16380 MBMBDDR3-SDRAM (Gskill) 1600mhz 
Hard DriveHard DriveCoolingOS
Samsung HD103SJ x 2 Samsung 850 EVO  Corsair H100i Windows 10 Professional 
MonitorMonitorMonitorMonitor
Samsung - LN40D550 - 40" LCD TV - 1080p ACER R240HY ACER R240HY ACER R240HY 
KeyboardPowerCaseMouse
razer black widow Corsair TX850 Coolermaster HAF 932 CM Storm Recon 
CPUMotherboardGraphicsRAM
955 MSI 870S-G54 2 x 6850 HIS IceQ-x 8 Gigabytes Gskill 1600 
Hard DriveCoolingOSMonitor
Samsung F3 1TB zalman 90mm Windows Ultimate x64 LG 47'  
MonitorPowerCase
Vizio 37' E370L  OCZ Modstream 700W Logisys CS888CL 
  hide details  
Reply
post #6 of 16
What kind of hardware would you need to buy or rent to complete a similar survey without committing hundreds of thousands of years worth of felonies?
post #7 of 16
Quote:
Originally Posted by Darkpriest667 View Post

One of the things I found interesting is the device passwords. The botnet specifically tried to access devices on each machine.


Now, I am not the smartest cookie, but I am certainly not the dumbest. I just went through everything I could trying to find the hardware password for my webcam. Guess what? There isn't one.

By webcams they most likely are referring to IP webcams that are directly connected to a network and not a typical USB webcam
post #8 of 16
Quote:
Originally Posted by Darkpriest667 View Post

One of the things I found interesting is the device passwords. The botnet specifically tried to access devices on each machine.


Now, I am not the smartest cookie, but I am certainly not the dumbest. I just went through everything I could trying to find the hardware password for my webcam. Guess what? There isn't one.

..Pretty much why I never want a webcam. Shame you can't *find* a laptop without one these days.
Quote:
Originally Posted by un-midas touch View Post

OMG my printer's hacked. Now I gotta push the reset button. rolleyes.gif

Oh noes! The dreaded reset button..
Why upgrade?
(14 items)
 
Why overclock?!
(15 items)
 
 
CPUMotherboardGraphicsRAM
Core i5 760 ASUS 55i Sabertooth EVGA 960 4GB 8gb 1600mhz Vengeance 
Hard DriveHard DriveOSMonitor
120gb Intel 320 (OS) 500gb Samsung 850 Evo Win 7 64 Viewsonic VX2250-Wm 
PowerCaseMouseAudio
Seasonic G 550w Gold Lancool PC-K9B Logitech G5 X-Fi Titanium/AT-H700 
CPUMotherboardGraphicsRAM
Core i5 4690k Asus Z97 Sabertooth mk2 EVGA 970 8gb Kingston 1833mhz 
Hard DriveHard DriveCoolingOS
128GB Samsung 830 500GB Samsung 840 Evo allota fans but quiet! Win 7 64 
MonitorKeyboardPowerCase
Dell U2311H Rev. A01 Mechanical w/ Cherry Blues NZXT Hale 650w NZXT Phantom - white 
MouseMouse PadAudio
Anker CG100 Steelseries 9HD Sennheiser HD555 
  hide details  
Reply
Why upgrade?
(14 items)
 
Why overclock?!
(15 items)
 
 
CPUMotherboardGraphicsRAM
Core i5 760 ASUS 55i Sabertooth EVGA 960 4GB 8gb 1600mhz Vengeance 
Hard DriveHard DriveOSMonitor
120gb Intel 320 (OS) 500gb Samsung 850 Evo Win 7 64 Viewsonic VX2250-Wm 
PowerCaseMouseAudio
Seasonic G 550w Gold Lancool PC-K9B Logitech G5 X-Fi Titanium/AT-H700 
CPUMotherboardGraphicsRAM
Core i5 4690k Asus Z97 Sabertooth mk2 EVGA 970 8gb Kingston 1833mhz 
Hard DriveHard DriveCoolingOS
128GB Samsung 830 500GB Samsung 840 Evo allota fans but quiet! Win 7 64 
MonitorKeyboardPowerCase
Dell U2311H Rev. A01 Mechanical w/ Cherry Blues NZXT Hale 650w NZXT Phantom - white 
MouseMouse PadAudio
Anker CG100 Steelseries 9HD Sennheiser HD555 
  hide details  
Reply
post #9 of 16
Quote:
Originally Posted by dante020 View Post

By webcams they most likely are referring to IP webcams that are directly connected to a network and not a typical USB webcam


Ah, if its my network webcams and not the usb ones I'm not too concerned. I have a password on the connection to that router and the switch behind it. I was talking about his ability to access UPnP devices.
 
4th time
(18 items)
 
3rd time
(11 items)
 
CPUMotherboardGraphicsRAM
5820k ASrock x99 Fatal1ty professional Gigabyte 1080 ti Corsair Vengeance DDR4 CAS 15 32GB 
Hard DriveCoolingOSMonitor
Samsung EVO 850 1TB SSD Corsair 110i GTX Microsoft Windows 10 Professional Acer 24 inch IPS 
MonitorMonitorMonitorKeyboard
Acer 24 inch IPS Acer 24 inch IPS Samsung 40 inch Corsair Strafe RGB MX cherry blue 
PowerCaseMouseMouse Pad
Corsair HX1000i Corsair Air 540 Corsair M65 RGB  Razer Manticor  
CPUMotherboardGraphicsRAM
i7 2600k ASROCK Fatal1ty p67 EVGA GTX 980 SC 16380 MBMBDDR3-SDRAM (Gskill) 1600mhz 
Hard DriveHard DriveCoolingOS
Samsung HD103SJ x 2 Samsung 850 EVO  Corsair H100i Windows 10 Professional 
MonitorMonitorMonitorMonitor
Samsung - LN40D550 - 40" LCD TV - 1080p ACER R240HY ACER R240HY ACER R240HY 
KeyboardPowerCaseMouse
razer black widow Corsair TX850 Coolermaster HAF 932 CM Storm Recon 
CPUMotherboardGraphicsRAM
955 MSI 870S-G54 2 x 6850 HIS IceQ-x 8 Gigabytes Gskill 1600 
Hard DriveCoolingOSMonitor
Samsung F3 1TB zalman 90mm Windows Ultimate x64 LG 47'  
MonitorPowerCase
Vizio 37' E370L  OCZ Modstream 700W Logisys CS888CL 
  hide details  
Reply
 
4th time
(18 items)
 
3rd time
(11 items)
 
CPUMotherboardGraphicsRAM
5820k ASrock x99 Fatal1ty professional Gigabyte 1080 ti Corsair Vengeance DDR4 CAS 15 32GB 
Hard DriveCoolingOSMonitor
Samsung EVO 850 1TB SSD Corsair 110i GTX Microsoft Windows 10 Professional Acer 24 inch IPS 
MonitorMonitorMonitorKeyboard
Acer 24 inch IPS Acer 24 inch IPS Samsung 40 inch Corsair Strafe RGB MX cherry blue 
PowerCaseMouseMouse Pad
Corsair HX1000i Corsair Air 540 Corsair M65 RGB  Razer Manticor  
CPUMotherboardGraphicsRAM
i7 2600k ASROCK Fatal1ty p67 EVGA GTX 980 SC 16380 MBMBDDR3-SDRAM (Gskill) 1600mhz 
Hard DriveHard DriveCoolingOS
Samsung HD103SJ x 2 Samsung 850 EVO  Corsair H100i Windows 10 Professional 
MonitorMonitorMonitorMonitor
Samsung - LN40D550 - 40" LCD TV - 1080p ACER R240HY ACER R240HY ACER R240HY 
KeyboardPowerCaseMouse
razer black widow Corsair TX850 Coolermaster HAF 932 CM Storm Recon 
CPUMotherboardGraphicsRAM
955 MSI 870S-G54 2 x 6850 HIS IceQ-x 8 Gigabytes Gskill 1600 
Hard DriveCoolingOSMonitor
Samsung F3 1TB zalman 90mm Windows Ultimate x64 LG 47'  
MonitorPowerCase
Vizio 37' E370L  OCZ Modstream 700W Logisys CS888CL 
  hide details  
Reply
post #10 of 16
Thread Starter 
Quote:
Originally Posted by Shmerrick View Post

Why? You can't fix stupid. This would be extremely cost prohibitive for these companies, with little to no benefit.

The default password for my Cisco router is a random string of numbers and letters, both for the WiFi and the setup. These passwords (they are both different) are printed on a sticker on the router itself. It is not cost prohibitive to do this and it secures the WiFi and router setup of people who either don't know how to change the password or can't be bothered to.

This is a much better method of providing a default password than setting every device to "admin" or "password". It does not stop people changing the password to something obvious, but it at least gives them a head start.
Main
(21 items)
 
HTPC
(10 items)
 
 
CPUMotherboardGraphicsRAM
i5 2550k P8P67 Pro Sapphire HD 7950 G.Skill RipJaws X 1600 Cas 9 
Hard DriveHard DriveHard DriveCooling
Corsair Force 120 WD Blue 500GB WD Caviar Green 1TB XSPC RayStorm 
CoolingCoolingCoolingCooling
RX240 MCR 220 EK 7950 Copper Acetal  DDC-1T 
OSMonitorMonitorKeyboard
Windows 7 64-bit Dell U2311H Oculus Rift DK2 Ducky Shine 3 MX Brown 
PowerCaseMouseAudio
Corsair TX 750W CoolerMaster CM690 II G500 Klipsch ProMedia 2.1 
Audio
Asus Xonar DX 
CPUMotherboardRAMHard Drive
A10-6800K Gigabyte GA-F2A85XN-WIFI G Skill 1600 CAS9 Kingston SSD Now 60GB 
Hard DriveOptical DriveCoolingOS
WD Caviar Blue 1TB LG Slim Blu-Ray player Silverstone NT06-PRO  Widows 7 Home Premium 
PowerCase
Silverstone Sfx Series ST45SF 450W Silverstone SG05 
  hide details  
Reply
Main
(21 items)
 
HTPC
(10 items)
 
 
CPUMotherboardGraphicsRAM
i5 2550k P8P67 Pro Sapphire HD 7950 G.Skill RipJaws X 1600 Cas 9 
Hard DriveHard DriveHard DriveCooling
Corsair Force 120 WD Blue 500GB WD Caviar Green 1TB XSPC RayStorm 
CoolingCoolingCoolingCooling
RX240 MCR 220 EK 7950 Copper Acetal  DDC-1T 
OSMonitorMonitorKeyboard
Windows 7 64-bit Dell U2311H Oculus Rift DK2 Ducky Shine 3 MX Brown 
PowerCaseMouseAudio
Corsair TX 750W CoolerMaster CM690 II G500 Klipsch ProMedia 2.1 
Audio
Asus Xonar DX 
CPUMotherboardRAMHard Drive
A10-6800K Gigabyte GA-F2A85XN-WIFI G Skill 1600 CAS9 Kingston SSD Now 60GB 
Hard DriveOptical DriveCoolingOS
WD Caviar Blue 1TB LG Slim Blu-Ray player Silverstone NT06-PRO  Widows 7 Home Premium 
PowerCase
Silverstone Sfx Series ST45SF 450W Silverstone SG05 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [BBC / Ars] Whole internet probed for insecure devices