Announcement

Collapse
No announcement yet.

Fox sez: Hackers can take control of your blender!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fox sez: Hackers can take control of your blender!

    http://www.foxnews.com/scitech/2010/...rgeting-right/

    That's right: your blender is under attack! Most mixers are self-contained and not hackable, but Siciliano says many home automation systems tap into appliances such as blenders and coffee machines. These home networks are then open to attack in surprising ways: A hacker might turn on the blender from outside your home to distract you as he sneaks in a back window, he warns.
    I'd say Fox has sunk to a new low, but it's hard to top their report on Anonymous.
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
    [ redacted ]

  • #2
    Re: Fox sez: Hackers can take control of your blender!

    Originally posted by bascule View Post
    I'd say Fox has sunk to a new low, but it's hard to top their report on Anonymous.
    I wonder why we (not you specifically, but we in general) are so quick to blame the clearly gullible news organizations, but don't say anything about the experts that are cited in these articles.

    For example, you cite part of the article that says...
    Originally posted by bascule View Post
    A hacker might turn on the blender from outside your home to distract you as he sneaks in a back window, he warns.
    Right. Fox (or whatever news organization) is silly for reporting this kind of stuff, but what about Robert Siciliano, the CEO at IDTheftSecurity.com, who is responsible for this comment? Is this article "a new low" because Fox reported it, or because Siciliano gave them such an outrageous quote? Both?

    Winn Schwartau is mentioned in this article--he is a forum user here and respected speaker--does he agree with the overall sentiment of the article? Were his quotes accurate? Taken out of context?
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

    Comment


    • #3
      Re: Fox sez: Hackers can take control of your blender!

      Part of it is the manner and tone of the report. There's some good and true information in there, like using AES on your WLAN, but a lot of it is lost in the hysteria.

      We've had similar discussions here. I remember starting this thread about 2 years ago about the lack of security on the Jura F90 coffee maker. https://forum.defcon.org/showthread.php?t=9490 It seems to me that the difference is that while we shake our heads and question why the security issues are never considered before implementation, this story is makes it sound like these are all common attacks, when we know that they are not common at all. The truth of the matter is that while some of the attacks listed might happen, the chances for a bad guy actually gaining something using them are relatively low.

      Attacking the blender might be good for a few yucks as a practical joke on a buddy, but the attack itself isn't going to be of much use in a realistic way. I'm more concerned that an undetected exploit on an embedded device might be used as a jumping off point in an attack on an server within an enterprise network.
      Thorn
      "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird

      Comment


      • #4
        Re: Fox sez: Hackers can take control of your blender!

        Originally posted by theprez98 View Post
        I wonder why we (not you specifically, but we in general) are so quick to blame the clearly gullible news organizations, but don't say anything about the experts that are cited in these articles.
        I would blame the news organization more than the, "experts," because there are many crazy people and theories in the world but only a few news reporting agencies on major networks. Reporting far-fetched claims as news lends the stories credibility as "important" or at least "more important" than whatever else is not being reported.

        Comment


        • #5
          Re: Fox sez: Hackers can take control of your blender!

          Originally posted by Thorn View Post
          Part of it is the manner and tone of the report. There's some good and true information in there, like using AES on your WLAN, but a lot of it is lost in the hysteria.
          Agreed. But do the "experts" share some responsibility for their quotes that tend to create the hype?
          Originally posted by TheCotMan View Post
          I would blame the news organization more than the, "experts," because there are many crazy people and theories in the world but only a few news reporting agencies on major networks. Reporting far-fetched claims as news lends the stories credibility as "important" or at least "more important" than whatever else is not being reported.
          I would also blame the news organizations more so than the experts, but for a different reason. I think all of the major news organizations have become beholden to these "experts" to figure out what is "real." Furthermore, the networks have lists of experts that they turn to, but when they include people like Gregory Evans, you cannot take these lists seriously. So there is obviously no vetting of these lists. So in some ways you have a small group of people who can, in some circumstances, drive the news in one direction or another.

          I would be curious to know who was the impetus for this story; was it a Fox producer who said, "I heard you can hack a blender!" or was it one of experts "advertising" their research that caught a hook with the producer. Or some combination of both.
          "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

          Comment


          • #6
            Re: Fox sez: Hackers can take control of your blender!

            Originally posted by theprez98 View Post
            Agreed. But do the "experts" share some responsibility for their quotes that tend to create the hype?
            Probably not, or only a little responsible, at least based on my experience. News organizations tend to go for the quick quote or sound bite. Give them a concise summary of exactly why a particular vulnerability exists and they'll reduce it to the smallest, most inflammatory bit they think will inflame Joe Sixpack.

            Originally posted by theprez98 View Post
            I would also blame the news organizations more so than the experts, but for a different reason. I think all of the major news organizations have become beholden to these "experts" to figure out what is "real." Furthermore, the networks have lists of experts that they turn to, but when they include people like Gregory Evans, you cannot take these lists seriously. So there is obviously no vetting of these lists. So in some ways you have a small group of people who can, in some circumstances, drive the news in one direction or another.
            Sometimes they do some minor vetting, or that's what the reporters I know tell me. Having had a few journalists call me out of the blue, I've found that the "vetting" process seems to be a referral from another reporter, reading a quote from another story, or having read a press release. Of course, many times press releases are little more than self-serving puff pieces. That's how you end up with people calling themselves the "world's #1 hacker" or the like, and the press takes them at face value.

            The largest news organizations do hire their own experts as commentators, -often times for medical or military commentary- and many times this they are retired or even still active in their given field. As such, they are usually well informed, and can very often explain things very well. However, as members of the news organization, even these people tend to reduce complex ideas to little more than pithy sound bites.
            Last edited by Thorn; July 5, 2010, 18:45. Reason: Fixed typo
            Thorn
            "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird

            Comment


            • #7
              Re: Fox sez: Hackers can take control of your blender!

              I'm actually less concerned about hackers taking over my blender or my fridge than I am about the Green Comet that's going to pass between the earth and the moon and make all the machinery come alive and start killing all of us.
              A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

              Comment


              • #8
                Re: Fox sez: Hackers can take control of your blender!

                Time to throw away my blender to lessen the chances of a break in.

                Comment


                • #9
                  Re: Fox sez: Hackers can take control of your blender!

                  Originally posted by theprez98 View Post
                  Agreed. But do the "experts" share some responsibility for their quotes that tend to create the hype?
                  I'd hope it's the news organization's job to select the "experts" they want to give a voice to. When it comes to Fox news affiliates there seems to be a systemic problem, particularly when it comes to "hackers" and issues of fear, uncertainty, and doubt.

                  A Fox report which went viral comparing 4chan to terrorists blowing up a van practically gave birth to "Anonymous". There was a recent Fox "story" which was more or less "Is that Girl with the Dragon Tattoo shit for real? We should report on it." Our local Fox affiliate has one of the most hilarious videos ever made about wardriving.

                  I'm not saying that non-Fox affiliated stations have some miraculous gift at picking their sources, but it seems like the majority of lulzy hacking-related stories come out of Fox-affiliated stations.
                  45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
                  45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
                  [ redacted ]

                  Comment


                  • #10
                    Re: Fox sez: Hackers can take control of your blender!

                    Screw the blender. It's the dryer that makes me nervous, been plotting against me for years. Yeah, bascule, I've been noticing that same trend as well, but it's not that Fox networks are reporting more of the lulzy hacker stories. It's just that Fox reporters tend to have a more deer in the headlights look and the producers insist on the bad guy movie music while they're doing it. Other networks still have goofy ass stories like this, just that some networks tend to go more in the "We're all gonna die" direction than others.
                    "You have cubed asscheeks?"... "Do you not?"

                    Comment


                    • #11
                      Re: Fox sez: Hackers can take control of your blender!

                      Sorry if I just don't get this, but...what exactly would be the point of having your blender in your network?

                      Al
                      "Are my pants...threatening you?"

                      Comment


                      • #12
                        Re: Fox sez: Hackers can take control of your blender!

                        Yea watch that dryer. That explains your SOCKS error.

                        Comment


                        • #13
                          Re: Fox sez: Hackers can take control of your blender!

                          Originally posted by alklloyd View Post
                          Sorry if I just don't get this, but...what exactly would be the point of having your blender in your network?

                          Al
                          Your margaritas can be made fresh when you get home. They already have washers and dryers that you can start over the net.

                          Comment


                          • #14
                            Re: Fox sez: Hackers can take control of your blender!

                            Originally posted by Thorn View Post
                            Attacking the blender might be good for a few yucks as a practical joke on a buddy, but the attack itself isn't going to be of much use in a realistic way. I'm more concerned that an undetected exploit on an embedded device might be used as a jumping off point in an attack on an server within an enterprise network.
                            You mean like a possibly a video surveillance server with a *nix variant installed accessible from the public internet, with the default root password not change?

                            Your margaritas can be made fresh when you get home. They already have washers and dryers that you can start over the net.
                            They also have Fridges that can connect, and report about failures to the company and repair services can then be arranged.

                            Personally, I like the idea of cooling devices being connected, it would be nice to know if your compressor conks out and it can alert you before it warms up and you lose a freezer full of food.

                            Of course, these things can tie into a more devious nature as well.

                            [TFB Time]
                            With more and more appliances, HVAC and Hot water heaters having this kind of technology tied into them, plus with the ever expanding installation of Smart Meters, a third party could take control of the power consumption of these devices, and possibly turn them off at will.

                            Or a malicious person could do that as well since we all know these systems will be far from secure.
                            [/TFB Time]
                            Last edited by streaker69; July 6, 2010, 21:44.
                            A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                            Comment


                            • #15
                              Re: Fox sez: Hackers can take control of your blender!

                              So uhh, I just googled around...

                              Can someone please link me to a page where I can buy these internet blenders?

                              Comment

                              Working...
                              X