Stories
Slash Boxes
Comments

SoylentNews is people

Webcams Used to Attack Reddit and Twitter Recalled

posted by martyb on Tuesday October 25 2016, @12:22PM   Printer-friendly
from the rein-in-the-bots dept.

Phoenix666 writes:

Home webcams that were hijacked to help knock popular websites offline last week are being recalled in the US.

Chinese electronics firm Hangzhou Xiongmai issued the recall soon after its cameras were identified as aiding the massive web attacks.

They made access to popular websites, such as Reddit, Twitter, Spotify and many other sites, intermittent.

Security experts said easy-to-guess default passwords, used on Xiongmai webcams, aided the hijacking.

The web attack enrolled thousands of devices that make up the internet of things - smart devices used to oversee homes and which can be controlled remotely.

Will we go through this over and over with toasters, refrigerators, and every other connected appliance?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Webcams Used to Attack Reddit and Twitter Recalled | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Insightful) by Anonymous Coward on Tuesday October 25 2016, @02:23PM

    by Anonymous Coward on Tuesday October 25 2016, @02:23PM (#418555)

    Security isn't seen as a requirement when people develop products. When you buy a webcam, does it occur to you to care whether it's secure? Maybe. Does it occur to John Q. Public? Not at all.

    The product developers and John Q. Public are acting rationally in their best interest. For most people, the expected cost (to them) of an attack involving their webcam is either zero or very close to zero.

    So a rational purchaser will not care whether or not the product is secure, and if the "more secure" version means "more expensive", the rational choice is the cheaper one (all else being equal).

    Therefore, if increasing security for a product like this adds any production cost whatsoever, the rational choice for a manufacturer is to not do it.

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Total Score:   1  

  • (Score: 2) by LoRdTAW on Tuesday October 25 2016, @04:37PM

    by LoRdTAW (3755) on Tuesday October 25 2016, @04:37PM (#418609) Journal

    If the rational purchaser in your example is John Q Public then the word security does not even enter the conversation. All they want to to watch their home from their smart phone. Everything else is magic as far as they are concerned.

    The manufacturer is responsible for security as they should be well aware of John Q Public's grasp of computer security: zero. So I'm chalking this one up as laziness or incompetence.

    • (Score: 0) by Anonymous Coward on Tuesday October 25 2016, @06:46PM

      by Anonymous Coward on Tuesday October 25 2016, @06:46PM (#418671)

      More appropriately, chalk it up to "tragedy of the commons"

      Expecting companies to keep the security of the commons up to your snuff for free? I question your reasoning.