Hot damn.... Consumer VDSL/Ethernet WiFi router.. "[Security] Set SSID of Wireless to ";reboot" will cause CPE reboot until reset to default."
What if I set the SSID to ";rm -rf /" ;)
Discover the power of IoT technology for your business with our top-rated IoT development company. We specialize in creating innovative and scalable solutions that leverage the Internet of Things to drive growth, efficiency, and competitive advantage.
I've got an idea. Let's form an IoT company. One that makes really great, high quality, well designed products. You know, ones that don't drop out every time you look at them wrong. We offer them cheap, burning through some VC money.
We will certainly fail. But for one glorious moment, people will know good IoT. And the next time somebody tries to sell them crap, they get beaten to a pulp with their shitty products.
And perhaps then, we will actually get good IoT stuff.
Spent some of the weekend playing with Arduinos + Home Assistant (@homeassistant) to keep a better eye on my plants. Even though it's C++, it's so refreshing compared to shipping modern prod code!
Single file, no tests, no 3rd party dependencies, no infra, just run code & see results immediately (if it works, it's done). And with deep sleep the result should keep running on battery for years untouched. Super fun! ✨
My landlord installed a heatpump / electric combo water heater last month. It has a wifi connectivity feature that supposedly lets you schedule the water heater.
I was excited to be able to turn it off during peak times (4 to 9pm) and at night and set it to high efficiency mode when needed.
We all know that PG&E is a private utility company which participates in stock buyback, unjustified rate increases coupled with unrealistic compensations for their CEO.
I know they don’t have me best interest in mind yet I cannot opt out if them scheduling my water heater…
My only option is to turn off the IoT and delete the app.
Are appliance manufacturers are colluding with utility companies ?
So once again, as a tenant, I can’t do anything. My landlord probably got some tax deductions, and we’re stuck with either a dumb water heater or a collaborator spyware smart water heater…
At least it should theoretically be cheaper than gas but with the way the rates are increasing, I need to do the math
Don’t buy an #EcoTerra or at least download the #EcoNet app beforehand to see how shitty it is.
This Open Home Foundation thing sounds a bit like one of my "startup ideas that would never get funded"; ideally this will end up being an IoT ecosystem that's open and self-hostable. https://www.openhomefoundation.org/
I initially ignored it because I thought "Home Assistant" was the Apple IoT thing.
#CyberSecurity#AI#Iot#SmartObjects#Hacking: "For a start, review all the devices in your home that connect to the internet. Try to identify AI-powered features, such as learning user behaviours or processing large datasets. These are common in smart speakers, home security systems and advanced wearable technology.
Secondly, explore the functionality of your devices and disable irrelevant or unnecessary AI features. This simple step could prevent AI from gathering personal information and its possible exposure.
Thirdly, when you purchase a device, examine the manufacturer’s security disclosure, often found on their website under titles like “Privacy”, “Security” or “Product Support”. It can also be found in user manuals and, sometimes, directly on the product packaging.
If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A lot of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing.
The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab s clusters over a four-year period. It peaks at about 3.4 million login attempts per day.
This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses.
A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @sachindhke . The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24
First things first: everyone "knows" that most brute force attacks are against the "root" account, right? This is certainly what earlier studies have found.
As it turns out, this used to be true, but it's not anymore. This graph shows that the fraction of brute force attacks using the username root was nearly 100% back in 2017, but it's been falling - by mid-2021, only around 20% off the attacks we saw were against root.
So, why? Well, we don't have a hotline to the attackers, but we have an educated guess from our own data and from many others' reporting: a lot of the usernames we see correspond to default usernames for #network#routers, specific #Linux distributions, specific server software, and #IoT devices. Basically, as we connect ever more stuff to the Internet (and generally try to protect the "root" account), attackers seem to be diversifying the accounts they are going after.
(There's a table of the top 100 usernames in the paper.)
One of the most frustrating things in modern technology is the effort spent trying to artificially restrict abundance. Take, for example, this tale from museum-worker Aaron Cope: I was out with a friend who worked for Twitter and I asked them whether it would be possible for the museum to “create 200,000 Twitter accounts, one […]
Inspired by the article written by @Edent on the Fediverse of Things (#iot, #wot), I experimented with using an LLM to interpret home automation requests that could be sent using #ActivityPub and convert them to JSON device commands. I documented the results in the following blog article: https://www.stevebate.net/fediverse-of-things-and-llms/
I was out with a friend who worked for Twitter and I asked them whether it would be possible for the museum to “create 200,000 Twitter accounts, one for each object in the Cooper Hewitt’s collection”. My friend looked at me for a moment, laughed, and then simply said: No.
In that blog post, Aaron reveals that the San Francisco International Airport Museum is using ActivityPub to create automated social-media bot accounts for all its exhibits and, possibly, every object it hold.
And why not! That would be close to impossible to do on a centralised service. But on a decentralised service under your own control, it is relatively simple. Perhaps I only want to follow the museum's canteen, or I just want to engage with a specific artefact. The Fediverse makes that possible.
This reminds me of the Melbourne "treemail" phenomenon. Every tree in the city had an email address, ostensibly so residents could email maintenance issues for a specific tree. Instead, people started interacting with the trees and sending them little love notes!
Dearest Golden Elm Tree, I finally found you! As in I see you everyday on my way to uni, but I had no idea of what kind of tree you are. You are the most beautiful tree in the city and I love you
A few weeks ago, I read about Ben Smith inventing Tweeting trains. With a bit of code, every train line in the UK was suddenly represented on the web in a convenient format. Well… Convenient if you were on Twitter.
Museums, trees, and trains naturally brings me on to the Internet of Things. I think it is fair to say that IoT is in a bit of an odd place right now. Matter is a confusing mishmash of standards. Security and privacy issues dog the simplest devices. Many people don't even want their toaster online!
For the majority of domestic uses, people want an Intranet of Things. There's little need to have your light-bulbs controlled when you're outside of WiFi range. Similarly, it is probably a really bad idea to have your hydroelectric dam connected to the Internet.
Which brings me back to the Fediverse.
On the one hand, it would be nice to be able to follow @Yellow_Line@Transit_Authority.gov - or even @Bus_Stop_1234@bus_company.biz - that would allow for hyperfocused data getting to the right people. It seems feasible that every civic object could have a Fediverse account. From the individual streetlights to the municipal sewerage system. Perhaps people won't send love letters to overflowing drains - but a social-dashboard of your civic environment could be both practical and delightful.
And, as for your domestic gadgets? Why not give every room, or every light-bulb, in your home a private Fediverse account? You could send a message like:
Hey @thermostat, please set the temperature to 19°C. Thanks!
That might be a bit much! But I like the idea of a private social network which consists of all my IoT gadgets talking to me and each other.
This piece is worth reading if you’re in tech criticism or infosec/cybersecurity and are being asked for commentary on IoT and smart home devices.
People aren’t foolish for using IoT or for wanting things to be easier in their homes. This tech makes positive and meaningful change for people of all kinds of abilities. It’s valid to worry about the privacy or security issues that IoT is riddled with, but don’t draw a direct line from there to blaming the user - some people have no alternatives that don’t involve giving up independent access to their own homes and lives. Everyone deserves to live in ways that fit their needs.
Instead, join the push to hold manufacturers and providers to account for poor security and privacy practices. Advocate for better, more respectful and accessible default configurations. Help people understand how to anticipate and mitigate the worst of these issues when they’re setting things up, and give them power and agency over their home systems.
We all deserve to have tech that works for us, in all the ways that matters.
🤖 Duo S RISC-V/Arm SBC features Sophgo SG2000 SoC, Ethernet, WiFi 6, and Bluetooth 5 connectivity - CNX Software
「 Linux and RTOS are said to be supported on the Duo S, and you’ll find buildroot-built OS images on GitHub to boot from either the microSD card or the eMMC flash. As of the current v1.0.9 image, Duo S does not yet support wiringX (C) and pinpong (Python) GPIO libraries, and Arduino support is not implemented either 」
🆕 blog! “Receive push notifications from your rice cooker”
I have a lovely, and reasonably priced, Mini Panda Rice Cooker. It does not have any SmartHome features. You put in water and rice, press a button, it cooks rice. Nice! The only problem is - I don't know how long the rice will take to cook. It uses "Fuzzy Logic" to work out exactly […]
Transform Your Business with a Leading IoT Development Company - eBizneeds (www.ebizneeds.com)
Discover the power of IoT technology for your business with our top-rated IoT development company. We specialize in creating innovative and scalable solutions that leverage the Internet of Things to drive growth, efficiency, and competitive advantage.