Heatmiser WiFi thermostat vulnerabilities

Scanning for Heatmiser thermostats on port 8068 really just requires a quick check for port 8068 being open – we can be fairly confident that anything with this port open is one of their devices.  We can then make a detailed check on port 80.

    nmap -p 8068 -Pn -T 5 --open 78.12.1-254.1-254

nmap can easily do this scan. If you want to scan large blocks of addresses though, masscan is much faster.

via » Heatmiser WiFi thermostat vulnerabilities.

You need to forward ports at your local router so that when you try to access this thermostat from the Internet and come in on port 8068 (per the example above), the router knows to forward that traffic to the internal IP address it has associated with that port.  This allows users to access things inside their local network from anywhere on the Internet.  It also allows anyone on the Internet to access that internal device.
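To find out whether a device on your own network matches the fingerprint described above (8068 open, then a look at port 80), you can scan your own LAN with nmap's grepable output (`-oG`) and filter the result. The script below is an added example, not code from the quoted article; the sample scan output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `nmap -p 80,8068 -Pn -oG -` output for a private LAN
# (made-up RFC 1918 addresses, not real scan results).
SAMPLE_OG = (
    "# Nmap scan of 192.168.1.0/24 (constructed sample)\n"
    "Host: 192.168.1.10 ()\tStatus: Up\n"
    "Host: 192.168.1.10 ()\tPorts: 80/open/tcp//http///, 8068/closed/tcp/////\n"
    "Host: 192.168.1.23 ()\tStatus: Up\n"
    "Host: 192.168.1.23 ()\tPorts: 80/open/tcp//http///, 8068/open/tcp/////\n"
    "Host: 192.168.1.40 ()\tPorts: 80/filtered/tcp//http///, 8068/open/tcp/////\n"
    "# Nmap done\n"
)


def parse_grepable(text):
    """Return {host: {port: state}} from nmap grepable (-oG) output."""
    hosts = {}
    for line in text.splitlines():
        # Only "Host:" lines that carry a "Ports:" field are of interest.
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        fields = line.split("\t")
        host = fields[0].split()[1]
        ports_field = next(f for f in fields if f.startswith("Ports:"))
        for entry in ports_field[len("Ports:"):].split(","):
            # Each entry is port/state/protocol/owner/service/rpc/version/
            parts = entry.strip().split("/")
            if len(parts) >= 2 and parts[0].isdigit():
                hosts.setdefault(host, {})[int(parts[0])] = parts[1]
    return hosts


def likely_thermostats(hosts, marker_port=8068, web_port=80):
    """List (host, web_port_state) for hosts with the marker port open."""
    report = []
    for host in sorted(hosts, key=ipaddress.ip_address):
        ports = hosts[host]
        if ports.get(marker_port) == "open":
            report.append((host, ports.get(web_port, "not scanned")))
    return report


if __name__ == "__main__":
    for host, web_state in likely_thermostats(parse_grepable(SAMPLE_OG)):
        print(f"{host}: 8068 open, port 80 {web_state}")
```

Any host this reports is worth checking against the router's port-forwarding table to see whether it is also reachable from the Internet.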

Here is my opinion on this matter.  As the world moves towards self-driving cars and self-driving planes, extremely complicated devices that you would think need human intervention, the world is also moving to take very simple devices, like household appliances, and make them so they need human intervention.  A thermostat should be set and forget.  It should have simple intelligence to figure out what temperature to set a room.  If a human must get involved in messing with a thermostat then perhaps something went wrong, but it’s not an emergency like this:

Should Airplanes Be Flying Themselves? | Vanity Fair.

A thermostat can certainly wait until you get home to physically figure out the problem and put it back on auto.  The Internet of Things can certainly be useful for read only, like buzzing your phone when the dishes or laundry finishes.  You can’t load laundry or dishes into these devices via the Internet, so how do the benefits from controlling them remotely, especially from remote Internet locations, outweigh the risks from allowing bad guys to get into your local network?

Finally, here’s a link to a site that does port scanning on the Internet for you.  Seems like a useful resource to know.

Plugging this into Shodan we get over 7000 results. That’s quite a lot. (note, you might need to register to use filters like this).

All Circuits Aren’t Busy

Network neutrality came from the telephone business. With electronic phone switching (analog, not digital) it was possible to give phone company customers who were willing to pay more priority access to trunk lines, avoiding the dreaded “all circuits are busy, please try your call again later.” Alas, some folks almost never got a circuit, so the FCC put a halt to that practice by mandating what it called “network neutrality” – first-come, first-served access to the voice network. When the commercial Internet came along, network neutrality was extended to digital data services, lately over the objection of telcos and big ISPs like Comcast, and the FCC is now about to expand those rules a bit more, which was in this week’s news. But to give network neutrality the proper context, we really should go back to that original analog voice example, because there are more details there worth telling.

via I, Cringely All Circuits Aren’t Busy – I, Cringely.

Tools for a Safer PC

EMET, short for the Enhanced Mitigation Experience Toolkit, is a free tool from Microsoft that can help Windows users beef up the security of commonly used applications, whether they are made by a third-party vendor or by Microsoft. EMET allows users to force applications to use one or both of two key security defenses built into Windows Vista and Windows 7 — Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP).

Put very simply, DEP is designed to make it harder to exploit security vulnerabilities on Windows, and ASLR makes it more difficult for exploits and malware to find the specific places in a system’s memory that they need to do their dirty work.

via Tools for a Safer PC — Krebs on Security.

By creating a free account at OpenDNS.com, changing the DNS settings on your machine, and registering your Internet address with OpenDNS, the company will block your computer from communicating with known malware and phishing sites. OpenDNS also offers a fairly effective adult content filtering service that can be used to block porn sites on an entire household’s network.

Cloud darling Docker gets $40M in funding to push its container technology

Docker, the company that backs the open source Docker container platform, announced on Tuesday that it has raised a $40 million Series C funding round, bringing the company’s total funding to $66 million. Sequoia Capital led the investment along with existing investors Benchmark Capital, Greylock Partners, Insight Ventures, Trinity Ventures and Jerry Yang.

via Cloud darling Docker gets $40M in funding to push its container technology — Tech News and Analysis.

Why Is It Taking So Long to Secure Internet Routing?

Why is it taking so long to secure BGP?

The answer to this question lies in the fact that BGP is a global protocol, running across organizational and national borders. As such, it lacks a single centralized authority that can mandate the deployment of a security solution; instead, every organization can autonomously decide which routing security solutions it will deploy in its own network. Thus, the deployment becomes a coordination game among thousands of independently operated networks. This is further complicated by the fact that many security solutions do not work well unless a large number of networks deploy them.

via Why Is It Taking So Long to Secure Internet Routing? – ACM Queue.

Newest ‘procedural-generation’ Questions

Often synonymous with “random generation”, procedural generation is the usage of calculations and algorithms to create content, rather than referring to preset data. The typical reason is to generate content mid-gameplay, which makes for a more unpredictable and unique experience in multiple playthroughs. Common elements that are subject to procedural generation in games include item attributes, enemy abilities, and level layouts.

Procedural generation specifically refers to the usage of algorithms to generate content; it does not have to be random. Pseudo-random generators with fixed seeds can be considered procedural generation despite producing identical results.

via Newest ‘procedural-generation’ Questions – Game Development Stack Exchange.

Robot OS to support Linux and Android on Snapdragon

Developed in large part by now defunct Willow Garage, ROS was designed for collaborative, open source robotics development. ROS is a collection of tools and libraries that simplify the task of creating and programming robotic platforms and applications. ROS is not a real-time OS, but it can be integrated with RTOSes, as well as Linux. As of earlier this year, Android support was added.

The default install for ROS is Ubuntu Linux. Core ROS components include message passing, message recording and playback, remote procedure calls, and a distributed parameter system. In addition to these core middleware components, ROS offers more robotics-specific features like a Unified Robot Description Format (URDF), a remote geometry library, preemptable remote procedure calls, and diagnostics. It also offers ready-built packages for common robotics problems like mobile navigation, pose estimation, and building a map and having the robot self-localize on it.

via Robot OS to support Linux and Android on Snapdragon ·  LinuxGizmos.com.

NHS grows a NoSQL backbone and rips out its Oracle Spine

The switch from relational hadn’t been too hard because Riak is a key-value store, which made modeling relatively easy. Key-value stores are relatively simple database management systems that store just pairs of keys and values.

McCaul reckoned, too, migration of data had been made possible because the structure of patient records lent themselves to Riak’s key-value mode

via NHS grows a NoSQL backbone and rips out its Oracle Spine • The Register.

The True Story of How the Patent Bar Captured a Court and Shrank the Intellectual Commons

In defining the limits of patent rights, our political institutions have gotten an analogous question badly wrong. A single, politically captured circuit court with exclusive jurisdiction over patent appeals has consistently expanded the scope of patentable subject matter. This expansion has resulted in an explosion of both patents and patent litigation, with destructive consequences.

via The True Story of How the Patent Bar Captured a Court and Shrank the Intellectual Commons | Cato Unbound.