Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

interestrateripoff

Your Fridge Will Need Antivirus Software Or It May Become A Spambot

Recommended Posts

http://www.bbc.co.uk/news/technology-25780908

A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets.

The fridge was one of more than 100,000 devices used to take part in the spam campaign.

Uncovered by security firm Proofpoint the attack compromised computers, home routers, media PCs and smart TV sets.

The attack is believed to be one of the first to exploit the lax security on devices that are part of the "internet of things".

Poor protection

The spam attack took place between 23 December 2013 and 6 January this year, said Proofpoint in a statement. In total, it said, about 750,000 messages were sent as part of the junk mail campaign. The emails were routed through the compromised gadgets.

About 25% of the messages seen by Proofpoint researchers did not pass through laptops, desktops or smartphones, it said.

Why the hell would you want your fridge connected? Is it going to pour you a beer for when you get home?

Share this post


Link to post
Share on other sites

It occurred to me as an interesting concept where different departments of the fridge could be kept at different temperatures with 'smart' storage as well as it almost being a stock system.

It then occurred that I could probably buy around 100 kilos of fillet steak for the difference between them and a bog standard fridge, as well as the fact that I've never needed smart coolage up to now!

Share this post


Link to post
Share on other sites

We recently bought a smart thermostat with which to run our forced air combined heating and air conditioning system.* Mrs. Ayatollah loves it, especially the ability to set a desired temperature from her iPad just before she leaves work for home, and to find the house condtioned accordingly when she gets back. With bandwidth becoming cheaper and more reliable, I suspect that more and more consumer devices will include wifi connectivity and thus the ability to be driven remotely.

However, it occurs to me that this is a potential security risk. Most of these devices work with the manufacturer's central server acting as a sort of phone exchange between you and the device. So when Mrs. Ayatollah wants to change a setting, she logs on to Honeywell's website, which is in constant communication with the actual thermostat (I'm guessing that it's done this way in order to get round the problem of dynamic IPs in most domestic Internet connections). So her commands go through Honeywell, not directly from her to the thermostat. My NAS hard drive works the same way (only through Seagate rather than Honeywell).

This strikes me as a potential security issue. I don't know how many of these thermostats are in use, but if it gets to be significant, then if a malefactor could gain access to Honeywell's server and have it instruct all the thermostats in a given region to turn their aircon condensers on full blast, that could add up to a denial of service attack on the electricity grid, given the amount of power that could suddenly be drawn.

* These are common in the southwestern US: the system consists of a gas heater and big blower fan in the garage, and a condenser and coil in a unit that sits outside the house. The fan blows air through pipes to vents in the ceilings of all the rooms in a house, and is switchable from blowing hot air heated by the gas burner to cold air cooled by the condenser.

Share this post


Link to post
Share on other sites

We recently bought a smart thermostat with which to run our forced air combined heating and air conditioning system.* Mrs. Ayatollah loves it, especially the ability to set a desired temperature from her iPad just before she leaves work for home, and to find the house condtioned accordingly when she gets back. With bandwidth becoming cheaper and more reliable, I suspect that more and more consumer devices will include wifi connectivity and thus the ability to be driven remotely.

However, it occurs to me that this is a potential security risk. Most of these devices work with the manufacturer's central server acting as a sort of phone exchange between you and the device. So when Mrs. Ayatollah wants to change a setting, she logs on to Honeywell's website, which is in constant communication with the actual thermostat (I'm guessing that it's done this way in order to get round the problem of dynamic IPs in most domestic Internet connections). So her commands go through Honeywell, not directly from her to the thermostat. My NAS hard drive works the same way (only through Seagate rather than Honeywell).

This strikes me as a potential security issue. I don't know how many of these thermostats are in use, but if it gets to be significant, then if a malefactor could gain access to Honeywell's server and have it instruct all the thermostats in a given region to turn their aircon condensers on full blast, that could add up to a denial of service attack on the electricity grid, given the amount of power that could suddenly be drawn.

* These are common in the southwestern US: the system consists of a gas heater and big blower fan in the garage, and a condenser and coil in a unit that sits outside the house. The fan blows air through pipes to vents in the ceilings of all the rooms in a house, and is switchable from blowing hot air heated by the gas burner to cold air cooled by the condenser.

Don't forget that in SoCal, it was proposed to reduce electrical demand, by the utility companies reprogramming these devices remotely. No need for a hacker, basically, you're not in control of it. Just as a back seat driver isn't actually the one in control of a car.

Share this post


Link to post
Share on other sites

Don't forget that in SoCal, it was proposed to reduce electrical demand, by the utility companies reprogramming these devices remotely. No need for a hacker, basically, you're not in control of it. Just as a back seat driver isn't actually the one in control of a car.

That idea hasn't caught on at all. To my knowledge, only one company (Southwest Edison) offers it, they don't provide service in many places, and you've got to have a separate meter and wiring installed in your house at your own expense to use it. The deal is that resource-hungry appliances (principally the HVAC and sprinker systems) are plugged into outlets connected to your second system, and enjoy a lower price per kilowatt hour (or gallon, for sprinklers) if you agree that they can be switched off remotely at times of peak demand. But because of the up-front cost, hardly anyone uses it.

But I agree that this is another potential gotcha with smart thermostats, especially if Honeywell or their competitors quietly change the small print to allow energy companies to ration your HVAC use. However, if that does happen, I anticipate that these things will be ripped out as quickly as they were installed, and sales of new units will cease almost overnight; and so the vendors of these systems will not agree to allow to give energy companies acccess to control them involuntarily.

Besides, there isn't an electricity supply shortage here: the Hoover Dam, other smaller hydroelectric stations, the Palo Verde nuke station, countless wind farms in the high desert and the climate making domestic rooftop photovoltaic installations economically viable make it plentiful and cheap. The price per kWH is around a third to half what it is in Britain. Water is another story, though: metered whether you like it or not, and hellish expensive.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • The Prime Minister stated that there were three Brexit options available to the UK:   215 members have voted

    1. 1. Which of the Prime Minister's options would you choose?


      • Leave with the negotiated deal
      • Remain
      • Leave with no deal

    Please sign in or register to vote in this poll. View topic


×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.