Overclock.net › Forums › Industry News › Software News › [TheRegister]Connected kettles boil over, spill Wi-Fi passwords over London
New Posts  All Forums:Forum Nav:

[TheRegister]Connected kettles boil over, spill Wi-Fi passwords over London - Page 7

post #61 of 76
Thread Starter 
Its similar the androids security

Loads of old devices that will never be patched still being used all over the place
Newer models are more secure but over time they will become unsupported on new releases
Users are either lazy or aren't educated enough . Many people just don't want to use long passwords .



There are massive amounts of issues with security . Devices like this are of great concern and most people don't even realize .

If routers where secure you wouldn't have mass botnets all over the world with them . Be it if a network client was taken over then used a security flaw or even the stock password.


Nothing is truly secure .... People end up being the main threat even in the most secure networks and infrastructures in the world.

Exploiting and showing the world keeps the pressure up on manufactures and educates people in what they are buying.
Shadownet
(12 items)
 
 
CPUMotherboardGraphicsRAM
5930k Asus rampage V Extreme  Inno3D GTX 970 Hercluez x4 airboss ultra  Gskill ripjaws DDR4 3200mhz 
Hard DriveHard DriveHard DriveCooling
WD black  WD Black  Seagate ES  Custom loop  
OSKeyboardPowerCase
Windows 10  Corsair k70  Super flower 1000 W plat  Corsair 900D 
  hide details  
Reply
Shadownet
(12 items)
 
 
CPUMotherboardGraphicsRAM
5930k Asus rampage V Extreme  Inno3D GTX 970 Hercluez x4 airboss ultra  Gskill ripjaws DDR4 3200mhz 
Hard DriveHard DriveHard DriveCooling
WD black  WD Black  Seagate ES  Custom loop  
OSKeyboardPowerCase
Windows 10  Corsair k70  Super flower 1000 W plat  Corsair 900D 
  hide details  
Reply
post #62 of 76
Quote:
Originally Posted by PostalTwinkie View Post

ISPs do very little to educate their customers, instead opting to push their own service calls in order to make profits. It is a very common industry standard. Further, often times you don't need to compromise the router itself, but attached devices. Many of the IoT devices you see out there have very weak security, or multiple vulnerabilities.

Your view of open networks is also probably limited to your very narrow area. Basically the immediate surrounding of your home and places you frequent. Odds are likely you aren't in a position that you see a lot of wireless networks. Many times I have been on top of one of my towers and scanned the surrounding cities. There are so many unsecured networks out there, networks using default credentials, or otherwise have some sort of vulnerability.

There is far more to a network than the password you set on the AP.

The vulnerability of devices attached to networks was discussed very early in this thread, so yeah we're aware of that.

And no, I didnt use the 10 or so networks hosted in my building to come to the conclusion that WEP isnt wildly used anymore. The only articles/studies I could find were unfortunately a little dated, but still showed a pretty even distribution between WEP, WPA, WPA2 and unsecured networks in 2011. So since then, we can only assume the use of WEP/unsecured networks has decreased since people are more aware of the risks in using unsecured or poorly secured networks. Unsecure encryption and a poor password isn't the only way to attack a network, but they are pretty much an end users only way in ensuring they've done their part when it comes to protecting themselves and their network. I'm just trying to dispell the myth that WEP is still a really prevolent attack vector.
The Douchebag
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320 SABERTOOTH 990FX AMD Radeon (TM) R9 380 Series Mushkin  
  hide details  
Reply
The Douchebag
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320 SABERTOOTH 990FX AMD Radeon (TM) R9 380 Series Mushkin  
  hide details  
Reply
post #63 of 76
On top of that unsecured networks often require authentication anyway through a portal and you wouldn't know that unless you connected. Were those unsecured networks hosting anything of value? Probably not, so this huge threat people are citing isn't a big deal after all
The Douchebag
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320 SABERTOOTH 990FX AMD Radeon (TM) R9 380 Series Mushkin  
  hide details  
Reply
The Douchebag
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320 SABERTOOTH 990FX AMD Radeon (TM) R9 380 Series Mushkin  
  hide details  
Reply
post #64 of 76
Quote:
Originally Posted by doritos93 View Post

The vulnerability of devices attached to networks was discussed very early in this thread, so yeah we're aware of that.

And no, I didnt use the 10 or so networks hosted in my building to come to the conclusion that WEP isnt wildly used anymore. The only articles/studies I could find were unfortunately a little dated, but still showed a pretty even distribution between WEP, WPA, WPA2 and unsecured networks in 2011. So since then, we can only assume the use of WEP/unsecured networks has decreased since people are more aware of the risks in using unsecured or poorly secured networks. Unsecure encryption and a poor password isn't the only way to attack a network, but they are pretty much an end users only way in ensuring they've done their part when it comes to protecting themselves and their network. I'm just trying to dispell the myth that WEP is still a really prevolent attack vector.

I am not talking about WEP specifically, as I said, I am not even talking about the AP itself. I am talking about other connected devices.

Again, home wireless network security is weak and connected devices are typically easy to compromise. As most people have no clue.

As for "value", again, you show your lack of understanding. Identity theft is extremely common, and the amount of info people are keeping on their systems is more than enough.

I think you would be surprised about how big of an issue it can be.
    
CPUMotherboardGraphicsRAM
Intel i7 5820K AsRock Extreme6 X99 Gigabyte GTX 980 Ti Windforce OC 16 GB Corsair Vengeance LPX 
Hard DriveHard DriveCoolingOS
Samsung 840 EVO 250GB - HDD Speed Edtition Samsung SM951 512 GB - I still hate Samsung!  Noctua NHD14 Windows 10 
MonitorMonitorMonitorKeyboard
Achieva Shimian QH270-Lite Overlord Computer Tempest X27OC  Acer Predator XB270HU Filco Majestouch 2 Ninja 
PowerCaseMouseMouse Pad
Seasonic X-1250 Fractal Design R5 Razer Naga Razer Goliathus Alpha 
AudioAudio
AKG K702 65th Anniversary Edition Creative Sound Blaster Zx 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel i7 5820K AsRock Extreme6 X99 Gigabyte GTX 980 Ti Windforce OC 16 GB Corsair Vengeance LPX 
Hard DriveHard DriveCoolingOS
Samsung 840 EVO 250GB - HDD Speed Edtition Samsung SM951 512 GB - I still hate Samsung!  Noctua NHD14 Windows 10 
MonitorMonitorMonitorKeyboard
Achieva Shimian QH270-Lite Overlord Computer Tempest X27OC  Acer Predator XB270HU Filco Majestouch 2 Ninja 
PowerCaseMouseMouse Pad
Seasonic X-1250 Fractal Design R5 Razer Naga Razer Goliathus Alpha 
AudioAudio
AKG K702 65th Anniversary Edition Creative Sound Blaster Zx 
  hide details  
Reply
post #65 of 76
Quote:
Originally Posted by PostalTwinkie View Post

I am not talking about WEP specifically, as I said, I am not even talking about the AP itself. I am talking about other connected devices.

Again, home wireless network security is weak and connected devices are typically easy to compromise. As most people have no clue.

As for "value", again, you show your lack of understanding. Identity theft is extremely common, and the amount of info people are keeping on their systems is more than enough.

I think you would be surprised about how big of an issue it can be.


Not to mention that unsecured wireless networks are a major avenue for downloading child porn (THINK OF THE CHILDREN!) and other pirated content.
Dynamix
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 7970 Corsair Domintor Twins + Other = 16 Gb 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Black, 500gb OCZ Solid 3 Sony Optiarc Corsair H50 
OSMonitorKeyboardPower
Windows 7 Ultimate Samsung P2570HD + Other Logitech G110 Corsair 750W HX 
CaseMouse
Antec p183 Logitech MX Revolution 
  hide details  
Reply
Dynamix
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 7970 Corsair Domintor Twins + Other = 16 Gb 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Black, 500gb OCZ Solid 3 Sony Optiarc Corsair H50 
OSMonitorKeyboardPower
Windows 7 Ultimate Samsung P2570HD + Other Logitech G110 Corsair 750W HX 
CaseMouse
Antec p183 Logitech MX Revolution 
  hide details  
Reply
post #66 of 76
Quote:
Originally Posted by PostalTwinkie View Post

I am not talking about WEP specifically, as I said, I am not even talking about the AP itself. I am talking about other connected devices.
Quote:
The average home wireless network is laughably easy to compromise. IoT is going to be a lot of fun for people, and not a lot of fun for others!
is what you said. The fact that IoT devices are insecure has been mentioned countless times in the first 50 posts of this thread. We didn't need you to confirm that fact for us tbh
Quote:
Originally Posted by PostalTwinkie View Post

Again, home wireless network security is weak and connected devices are typically easy to compromise. As most people have no clue.

As for "value", again, you show your lack of understanding. Identity theft is extremely common, and the amount of info people are keeping on their systems is more than enough.

I think you would be surprised about how big of an issue it can be

This is a fairly well documented subject, I'm not sure if you know. The best way to steal people's personal data is not by getting within range of their WLAN, praying they use weak security and hoping they keep sensitive data on their systems. We see clearly that hackers target the businesses that people deal with to get personal data. It's 2015, not 2005. thumb.gif So that's that for identity theft lol

For businesses running insecure networks and also handling client data, well there's no excuse for that. But you'll probably find there are very few, especially since stuff like the Target leak and Ashley Madison
The Douchebag
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320 SABERTOOTH 990FX AMD Radeon (TM) R9 380 Series Mushkin  
  hide details  
Reply
The Douchebag
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-8320 SABERTOOTH 990FX AMD Radeon (TM) R9 380 Series Mushkin  
  hide details  
Reply
post #67 of 76
Quote:
Originally Posted by doritos93 View Post


is what you said. The fact that IoT devices are insecure has been mentioned countless times in the first 50 posts of this thread. We didn't need you to confirm that fact for us tbh
This is a fairly well documented subject, I'm not sure if you know. The best way to steal people's personal data is not by getting within range of their WLAN, praying they use weak security and hoping they keep sensitive data on their systems. We see clearly that hackers target the businesses that people deal with to get personal data. It's 2015, not 2005. thumb.gif So that's that for identity theft lol

For businesses running insecure networks and also handling client data, well there's no excuse for that. But you'll probably find there are very few, especially since stuff like the Target leak and Ashley Madison

You are right, extremely well geared and talented thieves will attack major corporations for that data. However, those are the big breaches that make the news, that you hear about. What I am talking about are the modern day thieves that instead of washing checks, are fishing wireless networks for information. Just like they go through your actual trash out at the curb looking for information, they can go through your digital trash (so to speak) as well.

As for range, that is none issue. A basic Ubiquiti radio with high gain antenna or parabolic dish will pick up a wireless network from miles away.

I have been fairly soft on my point up till now, so let me try putting it this way....

You are completely wrong to think that home networks are not a focus of identity thieves, or other thieves, and that security is handled and none issue. That what is being discussed right now is an issue from years ago. What we are discussing right now is a massive issue, one that my business (WISP) has to deal with on an extremely regular basis.

EDIT:

To give you an idea of the scope I am talking about, where I am coming from. Right now, from this seat, I can log into one of about a hundred access points of mine, that can scan and see literally thousands of wireless networks.
    
CPUMotherboardGraphicsRAM
Intel i7 5820K AsRock Extreme6 X99 Gigabyte GTX 980 Ti Windforce OC 16 GB Corsair Vengeance LPX 
Hard DriveHard DriveCoolingOS
Samsung 840 EVO 250GB - HDD Speed Edtition Samsung SM951 512 GB - I still hate Samsung!  Noctua NHD14 Windows 10 
MonitorMonitorMonitorKeyboard
Achieva Shimian QH270-Lite Overlord Computer Tempest X27OC  Acer Predator XB270HU Filco Majestouch 2 Ninja 
PowerCaseMouseMouse Pad
Seasonic X-1250 Fractal Design R5 Razer Naga Razer Goliathus Alpha 
AudioAudio
AKG K702 65th Anniversary Edition Creative Sound Blaster Zx 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel i7 5820K AsRock Extreme6 X99 Gigabyte GTX 980 Ti Windforce OC 16 GB Corsair Vengeance LPX 
Hard DriveHard DriveCoolingOS
Samsung 840 EVO 250GB - HDD Speed Edtition Samsung SM951 512 GB - I still hate Samsung!  Noctua NHD14 Windows 10 
MonitorMonitorMonitorKeyboard
Achieva Shimian QH270-Lite Overlord Computer Tempest X27OC  Acer Predator XB270HU Filco Majestouch 2 Ninja 
PowerCaseMouseMouse Pad
Seasonic X-1250 Fractal Design R5 Razer Naga Razer Goliathus Alpha 
AudioAudio
AKG K702 65th Anniversary Edition Creative Sound Blaster Zx 
  hide details  
Reply
post #68 of 76
Forgetting all the wireless security stuff, and just looking at this as a kettle, Who would want this anyway! It just means it takes longer to make a cup of tea. Anything that holds you back from tea is a bad thing.

A 3kw kettle takes just seconds to boil, in which time you can go and prepare the cups and get the milk out the fridge. By the time you've done this it's just about boiled. If you boil the kettle, then prepare everything once it's done you'll just be drinking cold tea.

I hope that kettle has a way of telling the app the water level. Otherwise it would be possible to continually turn it on with no water.

18e2e311d794a44a2c83a3d6587b04aa.gif
     
CPUMotherboardGraphicsRAM
Intel Core i5 2500k @ 4ghz Asus P8P67 pro Gigabyte GTX780 12GB Corsair RAM (2/3 vengance, 1/3 XMS3) 
Hard DriveHard DriveHard DriveOptical Drive
500gb Spinpoint f3 Samsung 840 EVO 120gb Seagate 7200.14 2tb Samsung dvd+-rw 
CoolingOSMonitorMonitor
Noctua NH-D14 Windows 7 ultimate x64 LG 24MP55 x2 LG 32LD450 
KeyboardPowerCaseMouse
Dell thing. Corsair TX650 Coolermaster cm690 Logitech G500 
Mouse PadAudioAudio
none Xonar DG and logitech X-540 Beyer DT770 PRO 
CPUMotherboardGraphicsRAM
AMD A6-4455m 2.1ghz Dual Covered in tea stains Radeon 7500G 6GB 
Hard DriveOptical DriveCoolingOS
SSD soon None Inadequate Win7 of course 
MonitorKeyboardCase
It's awful A bit meh, Bodged hinge repair (Nut and bolt through back ... 
CPUMotherboardGraphicsRAM
Celeron M 360 1.4ghz Packard bell easynote (lynx banias) Intel 855gm 768mb 
Hard DriveOptical DriveOSMonitor
50gb seagate Cd dvd combi XP sp3 15 
KeyboardPowerCaseMouse
one with buttons Brick It has one It has leds 
Mouse Pad
my lap or the chair 
  hide details  
Reply
     
CPUMotherboardGraphicsRAM
Intel Core i5 2500k @ 4ghz Asus P8P67 pro Gigabyte GTX780 12GB Corsair RAM (2/3 vengance, 1/3 XMS3) 
Hard DriveHard DriveHard DriveOptical Drive
500gb Spinpoint f3 Samsung 840 EVO 120gb Seagate 7200.14 2tb Samsung dvd+-rw 
CoolingOSMonitorMonitor
Noctua NH-D14 Windows 7 ultimate x64 LG 24MP55 x2 LG 32LD450 
KeyboardPowerCaseMouse
Dell thing. Corsair TX650 Coolermaster cm690 Logitech G500 
Mouse PadAudioAudio
none Xonar DG and logitech X-540 Beyer DT770 PRO 
CPUMotherboardGraphicsRAM
AMD A6-4455m 2.1ghz Dual Covered in tea stains Radeon 7500G 6GB 
Hard DriveOptical DriveCoolingOS
SSD soon None Inadequate Win7 of course 
MonitorKeyboardCase
It's awful A bit meh, Bodged hinge repair (Nut and bolt through back ... 
CPUMotherboardGraphicsRAM
Celeron M 360 1.4ghz Packard bell easynote (lynx banias) Intel 855gm 768mb 
Hard DriveOptical DriveOSMonitor
50gb seagate Cd dvd combi XP sp3 15 
KeyboardPowerCaseMouse
one with buttons Brick It has one It has leds 
Mouse Pad
my lap or the chair 
  hide details  
Reply
post #69 of 76
Quote:
Originally Posted by alltoasters View Post

Forgetting all the wireless security stuff, and just looking at this as a kettle, Who would want this anyway! It just means it takes longer to make a cup of tea. Anything that holds you back from tea is a bad thing.

A 3kw kettle takes just seconds to boil, in which time you can go and prepare the cups and get the milk out the fridge. By the time you've done this it's just about boiled. If you boil the kettle, then prepare everything once it's done you'll just be drinking cold tea.

I hope that kettle has a way of telling the app the water level. Otherwise it would be possible to continually turn it on with no water.

18e2e311d794a44a2c83a3d6587b04aa.gif


It was brought up at the front of the thread, but yeah, stupid thing, no one needs a wireless kettle.

However we all need a webOS toaster in our lives. tongue.gif


Edited by Zen00 - 10/23/15 at 2:56pm
Dynamix
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 7970 Corsair Domintor Twins + Other = 16 Gb 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Black, 500gb OCZ Solid 3 Sony Optiarc Corsair H50 
OSMonitorKeyboardPower
Windows 7 Ultimate Samsung P2570HD + Other Logitech G110 Corsair 750W HX 
CaseMouse
Antec p183 Logitech MX Revolution 
  hide details  
Reply
Dynamix
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 7970 Corsair Domintor Twins + Other = 16 Gb 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Black, 500gb OCZ Solid 3 Sony Optiarc Corsair H50 
OSMonitorKeyboardPower
Windows 7 Ultimate Samsung P2570HD + Other Logitech G110 Corsair 750W HX 
CaseMouse
Antec p183 Logitech MX Revolution 
  hide details  
Reply
post #70 of 76
I don't like the idea of internet connected appliances, or internet connected home automation, or internet connected cars. In fact, I don't like the idea of cars with electronics at all (I drive a 1978 Chevy C10 with a carburetor and points ignition). I think adding electronics and internet connectivity to everyday objects makes them unnecessarily complicated and in the case of the latter, adds security risks.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [TheRegister]Connected kettles boil over, spill Wi-Fi passwords over London