Saturday, October 22, 2016

Has the internet become a time bomb?

Jazz Shaw at Hot Air discusses the massive cyber attack yesterday that took down a slew of servers, affecting popular sites such as Twitter and Netflix.

Getting off the grid voluntarily (as opposed to having it pulled out from under me) is starting to look better and better - but also harder and harder.


bruce said...

Apparently it isn't even the Internet of Things which is the problem, because most of that is secure (see comments on Instapundit), but it was a few categories like DVR's and webcams which aren't yet nailed down. In the US, the numbers of people doing anything in any particular category are staggering. 40 million people changing houses at any many webcams and DVRs. So any weak spot will also be a big hole until it's plugged. It's not just the internet I think, the bigger anything gets the easier it is to see weaknesses.

Gregoryno6 said...

The internet is the voice of the citizen that doesn't want to be spoonfed by the MSM. I'm surprised that a 'scorched net' (so to speak) campaign hasn't come before this.

Veeshir said...

Nobody should hook up anything vital to the internet.
If some hacker can screw with our electrical grid, it's gonna happen sooner or later.

Hopefully the military set up their own internet when they gave us theirs.

Saying that, I'd suggest gov'ts were the most like to screw with the internet.

They all liked it better when their official news organs (like Pravda in Russia or NBC in the US) did not have to compete in the marketplace of ideas.

bruce said...

These are the two comments from Instapundit who put this in perspective:

"Glenn, most valuable IoT applications involve collecting tiny amounts of data from widely scattered devices. For example, reading electric meters without having to pay a guy to drive around in a truck. Any reasonably smart implementation would throttle the data rate to slow speeds and schedule operation for some time when network usage is low. AT&T and Verizon built cellular networks with nearly ubiquitous coverage and IoT provides them with a way to earn extra money from those
networks during off-peak hours. Industrial IoT would be about as usless for a DDOS attack as an old computer connected to the internet via a slow dial-up modem.

President Friedman George B • 8 hours ago
Yes, the radio frequency networks most smartmeters use for communication operate at dial-up speeds, the Power Line Carrier systems are even slower. Plus data is encrypted end-to-end and many of the newer systems have a unique encryption key for each device (as opposed to one key for the entire network). I have seen some cellular access points for these systems in the field that had default credentials, but even then without the encryption key all a hacker could do is stop communications through that device, which wouldn't shut off anyone's electricity. It could make tracking outages a bitch though.

The important stuff that is connected to the Internet tends to have much better security tha DVR's and webcams, but of course nothing is bulletproof."

rinardman said...

On the bright side, Algore created the internet; so if something bad happens to it, he can fix it.

JeffS said...

"Hopefully the military set up their own internet when they gave us theirs. "

Not really, as I understand matters. They are trying, no doubt about it, and I've been out of that world for several years. But the basic infrastructure is often shared between military, commercial, and private use. For example, laying fiber optic cables dedicated to military use would be difficult, especially since said cables would likely be in the same trench as the others. Not so long as private property isn't openly sneered at by the government.

(Please note that I said "openly" Eminent domain is all-too-frequently abused.)

That said, the amount of home automation is INSANE. Yes, being able to check the house thermostat from Cancun, or maybe watch the kids by webcam, is convenient. But it opens the doors to hackers and mescreants, especially when people don't bother changing the default password. Even a encrypted wifi signal is hackable, as I found out the hard way. And I have a lot of hardware at home, none of it automated. There's always a way.

Industrial automation (primarily through the use of programable logic controllers, a/k/a PLC) aren't quite as bad, as I understand matters, but they are on the INTERNET, and thus subject to attack. There's always a way.