The Digital Divide Isn’t Microsoft’s First Priority

But in urban areas all around the world where Microsoft wants to do business, the white spaces will be very useful for “smart city” devices and applications—remember, that’s Microsoft’s big idea. And if the US is already widely using those white spaces, the rest of the world will follow along—both in terms of policy and in terms of providing additional marketplaces for the white spaces ecosystem of manufacturers to sell into.

Source: The Digital Divide Isn’t Microsoft’s First Priority | WIRED

About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals

According to Scheel, the problem is that the HbbTV standard, carried by DVB-T signals and supported by all smart TVS, allows the sending of commands that tell smart TVs to access and load a website in the background.

Knowing this, Scheel developed two exploits he hosted on his own website, which when loaded in the TV’s built-in browser would execute malicious code, gain root access, and effectively take over the device.

Source: About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals

How IoT hackers turned a university’s network against itself

While this incident represents one of the first of its kind, the bad news is this form of attack is only going to become more common as more and more everyday items get connected to the internet, providing hackers with greater numbers of potential zombie devices.”

The reason behind it is the issue of default credentials for wireless devices. This is going to bring billions of devices into the fold by 2020, which is only three years away. Whenever it is, there’s going to be so many of these things used by people with very limited understanding of what they are,” says Dine.

Source: How IoT hackers turned a university’s network against itself | ZDNet

The network that IoT devices must use should be isolated and secured by a firewall.  This isn’t that difficult to do.

Krebs pinpoints the likely author of the Mirai botnet

The full story is admittedly lengthy, clocking in at over 8000 words, but worth the time to understand how botnet wranglers make money siccing their zombie device armies on unsuspecting targets. The sources that pointed Krebs to Anna Senpai’s identity were involved in using botnets on behalf of shadowy clients, unleashing them on security companies protecting lucrative Minecraft servers that host thousands of players. When their online gaming is obstructed — say, by repeated and annoying DDoS attacks — players leave, giving servers an incentive to jump ship to whichever security provider can ensure protection…in this case, providers that arranged for the botnet attacks in the first place.

Source: Krebs pinpoints the likely author of the Mirai botnet

Microsoft and Liebherr Collaborating on New Generation of Smart Refrigerators

With the SmartDevice capability, future Liebherr refrigerators will help in shopping and planning meals with intelligent food management. Stored groceries can be monitored using internal cameras and object recognition technology. This process not only captures images for viewing but also recognizes individual food items inside the refrigerator. This information flows automatically into an inventory list, which lets the customer see quickly and clearly what is in the refrigerator from anywhere. Using the SmartDeviceBox voice module, additional groceries can be added to a shopping list that customers can access when on the move using an app for iOS, Android or Windows devices.

Source: Microsoft and Liebherr Collaborating on New Generation of Smart Refrigerators | Cortana Intelligence and Machine Learning Blog

Reverse engineering an IP camera

During setup the app instructs the user to either plug in an Ethernet cable or press the ‘pair’ button on the camera which causes the camera to switch to host mode and offer up an open (aka insecure) wireless network.  The app then scans for this network which is typically called CameraHD-(MAC address) and prompts the user to connect to it. This is an alarming feature for a camera designed for outdoor use particularly as the camera also offers a host of unfiltered network services, including the network video feed (RTSP), a bespoke internal messaging service for initiating alerts and two distinct web servers (nuvoton and busybox), one of which has an undocumented firmware upgrade page. Readers of our other blogs will know how much we like upgrading firmware…

Source: Push To Hack: Reverse engineering an IP camera

Wi-Fi Alliance® introduces low power, long range Wi-Fi HaLow™

Wi-Fi HaLow extends Wi-Fi into the 900 MHz band, enabling the low power connectivity necessary for applications including sensor and wearables. Wi-Fi HaLow’s range is nearly twice that of today’s Wi-Fi, and will not only be capable of transmitting signals further, but also providing a more robust connection in challenging environments where the ability to more easily penetrate walls or other barriers is an important consideration.

Source: Wi-Fi Alliance® introduces low power, long range Wi-Fi HaLow™ | Wi-Fi Alliance

Is the IoT a Tech Bubble for Cities

But, with more cities joining the Smart City revolution and investing in sensors and other IoT devices, the risk of a new tech bubble is rising. The same technology giants that helped Barcelona become a smart city are now pushing more pilots of newer technologies with little regard for solutions that already work and can be shared without incurring additional expenses.

Let’s consider a few of the most worrisome issues related to IoT today:

Source: Is the IoT a Tech Bubble for Cities

In the long run, we are being faced with a bunch of independent devices that can’t be managed by a single platform or protocol. Manufacturers are now being required to develop different versions for different standards, effectively increasing manufacturing and engineering costs, and reducing their market potential.

IoT Hubs Expose Connected Homes to Hackers

Many of the most serious flaws revealed a kind of sloppiness in the design and production of the devices, Brandon Creighton, Veracode’s research architect, told The Security Ledger. For example: both the Ubi and Wink Relay devices left debugging interfaces exposed and unsecured in their shipped product.  That could provide an avenue for attackers who had access to the same network as the device to steal information or bypass other security controls.

Exposed debugging interfaces are useful during product testing, but have little or no utility to consumers. That suggests that the companies merely forgot to restrict access to them before shipping, Creighton said.

via Research: IoT Hubs Expose Connected Homes to Hackers | The Security Ledger.

About Anousheh Ansari

Anousheh is a serial entrepreneur and co-founder and chairman of Prodea Systems, a company that will unleash the power of the Internet to all consumers and dramatically alter and simplify consumer’s digital living experience. Prior to founding Prodea Systems, Anousheh served as co-founder, CEO and chairman of Telecom Technologies, Inc.  The company successfully merged with Sonus Networks, Inc., in 2000.

via Anousheh Ansari – About Anousheh Ansari.

This is an amazing story of accomplishment.  It appears from her Prodea Systems website the company sells home automation and now Internet of Things which is a popular buzzword nowadays.  This company made her enough money so she could  buy a trip to ISS in 2006.