Ricochet is the best place on the internet to discuss the issues of the day, either through commenting on posts or writing your own for our active and dynamic community in a fully moderated environment. In addition, the Ricochet Audio Network offers over 50 original podcasts with new episodes released every day.
How ’bout that Mirai Botnet
Do you remember that thing? It was the panic of the week last fall. Some jerks took large portions of the internet down for a couple hours. Everyone was in a tizzy for a bit. Well, the problem is still there. At least now nobody’s in a flail-your-arms panic over it, so maybe it’s worth discussing solutions.
Since there’s very little reason to remember the panic of the day even a week later, let me remind you how this works. A couple years back “Internet of Things” became the fashionable buzzword, so we all went out and bought WiFi enabled toasters. Now you can start toasting automatically when your alarm clock goes off. The fact that your toast will be ice cold by your seventh snooze is a small price to pay for living in The Future! But when you got your FutureToast, you didn’t bother to change the default password (it’s a hassle and if you did you’d forget the new one and what’s the worst that could happen anyway?) Mr. Nefarious Hacker sees that you’ve got a FutureToast, and he can log into it too. With your toaster and the 13,000 other ones that nobody’s changed the passwords on (and the 3300 GarageNoMores, and 4200 BlindsWithScience, and 132 HubCapConnects) he’s got access to a massive number internet connected devices. Mr. Nefarious Hacker can then use them to form punishing denial of service attacks, making the internet useless to the rest of us.
How do we solve this problem? It seems resistant to market forces. From FutureToast Inc.’s perspective adding security to their toasters makes them cost more and makes them less user friendly. That translates to less toaster sales. The Customer doesn’t care; the fact that his toaster is a tool for world domination doesn’t stop it from providing toast on demand.
If you ask the computer security industry, they tend to tell you “Government Regulation.” Every FutureToast variant has to have a password change on first boot up, mandated by law. This solves the problem in the future, but there’s still a heck of a lot of unsecured devices in existence today. The government is also a good way to take all the vitality out of an industry. Maybe there are better solutions.
You could educate the public. As a rule that never works. Take me as an example. I know this is a thing, and I think it’s a big enough problem to post about it on Ricochet. Now ask me what my password is for my Raspberry Pi. It’s not hard to guess.
You could hack back. If you go into my FutureToast and change the passwords then Mr. Nefarious Hacker can’t use it. But then I can’t use it anymore, either. That approach amounts to the destruction of property. This is also not a good solution.
You could, and I can’t overstate the general applicability of this solution, actively wait for your problem to go away. We haven’t seen Mirai in the news much at all even though nobody’s fixed the problem. Maybe the world wakes up and realizes their fridge really shouldn’t have anything to say to their toilet and they stop buying IoT devices. Maybe we figure out a better way to catch the people behind these attacks and launching them becomes a much riskier proposition. Maybe Russia gets into a war with China and the world’s supply of hackers gets busy fighting one another. Maybe none of those happen and we’re still stuck with the problem.
What do you think, Ricochet? Got any brilliant ideas?
Published in Technology
A coworker has the technology on his AC unit, so he can start it up when he leaves work and get the house cold by the time he gets there. That seems alright, but judging from my electric bills I’m not worried about the extra cost imposed by leaving it on when I’m at work.
I know. It makes no sense to me to even have Wifi on my washer. What am I going to do? Throw a bunch of dirty laundry in it but not start it right away, just so I can tell it to fire up remotely? Daft.
Programmable thermostat, anyone?
Well, yeah. If you’ve got central heating and cooling. My AC unit is just a window mount and not connected, so it only gets used as necessary anyway.
Perhaps those sexbots I keep hearing about can have additional features, including “Load the Washing Machine” and “Fold the Laundry“. And maybe “Make me a sandwich” would provide a reason for the toaster to be internet-ready.
My laundry would finally be folded! Double bonus!
Maybe even quadruple?
All I want is a toaster that plays “Sprach Zarathustra” as the coils heat up.
Maybe the washamachine could play “Flight of the Valkyries” when overloaded (which, let’s be honest, is every load).
On the verge of IoT, a security expert I know uses something that connects his doorbell to a camera so that he can see the person on his smartphone before answering. It also acts as intercom for taunting door-to-door salesmen.
I can see two ways to go about this: as the coils heat up, it does the first part, and then the toast pops up to “ba-baaaa” or it plays the whole thing, and as it concludes instead of popping the toast slowly rises from the toaster.
If I may borrow Ricochetti pen names for a second, I think “Sabre Dance” is the better choice for an overloaded washer.
WhippedCream?
unless you keep it in your IoT-enabled fridge.
Coming right up . . .
There are advantages to not having a smartphone.
I want a new bumper sticker that says ” Resist the IoT!”
I am not fond of the constant articles telling me that my future will consist of internet-connected absolutely everything, driverless cars, car-sharing rather than car-owning, “smart” electric meters, etc…. Not for me, thank you. I prefer Liberty.
Come on, the next step is Skynet. I say let’s go all “Elvis” and shoot the damn devices. Except my Alexa. I just love getting garbage I didn’t know I ordered.
Don’t buy a BMW then. My parents have one and when it needs an oil change it will notify the dealership, who will then call my parents to set up an appointment.
Unless the refrigerator squeals.
If there were an IoT device that would keep those dang kids off of my lawn, however…
You just need one of those invisible fences. Don’t know how to get the collars on the kids though.
Forget the collars, use embedded chips. And a blowgun.
What if I want the laundry folded but don’t want a sexbot?
Get a laundress or take it to a cleaner? Have the self-driving car take it to the cleaner. Hmm but we still need to get it in the car. . .
Be patient. Let the early adopters pay back the R&D costs, then when that market starts getting saturated, the manufacturers will come out with another, cheaper, model that just does the household chores so as to expand the market.
A nanabot is what you need — not to be confused with nanobots, which cover your clothes in Dilbert cartoons when left in the wash.
I’m going to start buying every small appliance I find at yard sales. In 10 years they’ll be worth a fortune. If you want an off-line appliance you’ll have to get it from me. Mwhahahahahaha.
I got married, but your mileage may vary.
For some reason I hear a lot more about sexbots and not so much about laundrybots. I’m wondering if the market for them is the same size.
There is a laundry bot out there, but being purpose built as a laundry bot I’m not sure there is much cross marketing potential unless one has some really messed up fetishes.