Spitballing IoT Security

Keith Medcalf kmedcalf at dessus.com
Fri Oct 28 13:13:26 UTC 2016

On Thursday, 27 October, 2016 22:09, Eliot Lear <lear at ofcourseimright.com> said:

> On 10/28/16 1:55 AM, Keith Medcalf wrote:

> >>> The problem is in allowing inbound connections and going as far as
> doing
> >>> UPnP to tell the CPE router to open a inbound door to let hackers
> loging
> >>> to that IoT  pet feeder to turn it into an agressive DNS destroyer.
> >> Well yes.  uPnP is a problem precisely because it is some random device
> >> asserting on its own that it can be trusted to do what it wants.  Had
> >> that assertion come from the manufacturer, at least you would know that
> >> the device was designed to require that sort of access.**

> > And why would anyone in their right mind trust the manufacturer to make
> > this decision?  <Shudder>
> Because the manufacturer designed the device and knows best as to what
> sort of access it will require.  

Manufacturers of devices and Operating Systems (particularly Microsoft WIndows) have proven over and over and over again that they cannot be trusted to make that decision.  One of the worst offenders, any versions of Windows subsequent to Windows XP, insists in dropping its knickers (opening the firewall) so that anything that wants to can fuck about with (connect to unrestricted from the internet) all the myriad of ever growing piles of shit included by Microsoft.  Even if you close the firewall, the Manufacturer believes it knows better and changes your settings, without your permission.  If you are stupid enough to run UPNP on your network, then all the drivel flarn filth is directly accessible from the internet (and beyond) without restriction.

Preventing the manufacturer from doing that takes a *LOT* of *DEEP* surgery.

I wish that Ballmer fellow would just up and die, and that damn indian too, even more so.  If they got some help along those lines the world would be a lot better place.  They are both total asshats and enemies of security and functionality everywhere.

However, it is not just a microsoft thing -- ALL of them think they know better and they should all fuck off and die. 

> Consider that today most devices have
> unfettered outbound access, and many can arrange for unfettered inbound
> access.  That's Not Good®.  

Yes, because that is what the device manufacturers have programmed the device to do and to have, and to go to inordinate lengths to ignore any directions from the OWNER to the contrary.  They should all be strung up by their balls and dropped with dull rusty pinking shears!

> That doesn't mean that network
> administrators shouldn't be the kings and queens of their castles, but
> as I'm sure you well know, home users don't really know how to rule, and
> so they need some good defaults.

What is wrong with OFF?  That is a good default.

> Put it another way: you bring home a NEST and the first thing you the
> expert might do is read the net to figure out which ports to open.  Are
> you really going to not open those ports?

First of all, I would NEVER bring home a NEST, nor would I ever allow a NEST or anything like it to be connected to my network.  It is an evil device that does nothing of any use to me whatsoever.  It is also dangerous and malicious and will not permit me to control the damn thing, nor to retrieve data from it.  It is a hunk of useless shit.

And no.  Under no circumstances whatsoever do I open ports unless I know what they are for.  And inbound port openings require proof of paid up indemnity insurance in the millions per incident (trillion in total).  Therefore, no inbound ports get opened since no one has ever been able to satisfy this requirement.

End of Line.

More information about the NANOG mailing list