1.    21 Jul 2017 #1
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 17,029
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition

    Millions of IoT devices hit by 'Devil's Ivy' bug in open source code


    A flaw in a widely-used code library known as gSOAP has exposed millions of IoT devices, such as security cameras, to a remote attack.

    Researchers at IoT security firm Senrio discovered the Devil's Ivy flaw, a stack buffer overflow bug, while probing the remote configuration services of the M3004 dome camera from Axis Communications. The bug occurs when sending a large XML file to a vulnerable system's web server.
    Millions of IoT devices hit by 'Devil's Ivy' bug in open source code library | ZDNet
      My ComputerSystem Spec
  2.    21 Jul 2017 #2
    Join Date : Aug 2014
    Australia, Adelaide
    Posts : 1,561
    W7 Ultimate SP1 (64 bit), LM 18.2 MATE (64 bit), W10 Home (64 bit)

    I've been saying for years that IoT is a horrible nightmare.

    It should never have been allowed, given all the security issues with PCs and phones.

    Until commercial software is treated the same way as real products we will keep having these problems.
      My ComputerSystem Spec
  3.    21 Jul 2017 #3
    Join Date : Sep 2014
    Nashville, TN
    Posts : 3,143
    Windows 10 Pro

    Quote Originally Posted by lehnerus2000 View Post
    It should never have been allowed, given all the security issues with PCs and phones.
    "Allowed"? Who exactly is the arbiter of what can and cannot be placed on the internet?
      My ComputerSystem Spec
  4.    21 Jul 2017 #4

    We have 3 Foscam cameras (1 in our 4-year-old's bedroom, her playroom, and one in the basement where we keep our dogs). Initially, I had them set up so that they were directly accessible on the net (I was using an app called Babycam Monitor to access it). I quickly learned of the vulnerabilities and decided to close the cameras. I disabled UPnP and disabled port forwarding on my router (Ubiquiti UniFi USG-Pro). Now I can only access them via connection to my OpenVPN server. The OpenVPN server is the only port open.

    I have a ton of IoT devices, which I've separated into VLAN's. Nokia WiFi scale, Chamberlain garage door openers, Samsung washer/dryer, Amazon Dash buttons, Alexa devices, etc. It makes my life much easier, but I'm aware of the risks. I try to keep them as up-to-date as possible and try to keep them from connecting to my main network.

    This is just a risk I take in order to make my life more convenient. Sooner or later I'm sure I will be hit despite all the security measures I've taken.
      My ComputerSystem Spec
  5.    22 Jul 2017 #5
    Join Date : Aug 2014
    Australia, Adelaide
    Posts : 1,561
    W7 Ultimate SP1 (64 bit), LM 18.2 MATE (64 bit), W10 Home (64 bit)

    Quote Originally Posted by Mystere View Post
    "Allowed"? Who exactly is the arbiter of what can and cannot be placed on the internet?
    The same ones who demand that you obey the law and pay your taxes.
      My ComputerSystem Spec
  6.    23 Jul 2017 #6
    Join Date : Jul 2015
    Posts : 185
    win 10 home

    "Allowed"? Who exactly is the arbiter of what can and cannot be placed on the internet?
    The same ones who came down hard on the child who was selling lemonade, to protect the child and deter others from taking on such risks. The same ones who issue licenses and certifications to businesses to ensure consumers at the least have an appearance of protection.

    Regarding IoT, there is no appearance of protection. Someone like ericnxmd can protect himself to some degree. The rest of us require the governance to protect us.
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Solved Windows 10 Source Code leak
https://www.theregister.co.uk/2017/06/23/windows_10_leak/?mt=1498255659291
General Support
DISM Source Files Could Not be Found - Error Code 0x800f081f
Hello all, I will try to explain my problem as clear as I can. I am not super tech savvy, so I need your help. I found a thread that seemed to have the same problem but it did not fix mine. Before I upgraded from Windows 8.1 to 10, everything...
Performance & Maintenance
Notepad app I used a source code on youtube
This is a notepad app I'm planning to add to it a new features this is just a hobby Dropbox - Notes.7z
Chillout Room
Windows 10 and CodeBlocks - My source code is not visible
Hi Everyone, I'm new here, having recently updated from Windows 7 to 10. All seemed fine for a while then a major problem happened - lost a week trying to solve it so far! My source code is in a CodeBlocks 'window ', that has moved of its...
Software and Apps
Why Avast won't show source code to the government, but others do
Read more: Why Avast won't show source code to the government, but others do | ZDNet
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 02:44.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums