
posted by on Wednesday May 03 2017, @03:00PM
from the Using-1337-powers-for-good dept.

An Ars Technica story from 17 April, 2017 introduced us to Hajime, the vigilante botnet that infects IoT devices before blackhats can hijack them. A technical analysis published Wednesday reveals for the first time just how much technical acumen went into designing and building the renegade network, which just may be the Internet's most advanced IoT botnet.

Hajime [PDF] was first reported on in October 2016 by Sam Edwards and Ioannis Profetis, security researchers at Rapidity Networks, a Boulder, CO-based ISP.

As previously reported, Hajime uses the same list of user name and password combinations used by Mirai, the IoT botnet that spawned several record-setting denial-of-service attacks last year. Once Hajime infects an Internet-connected camera, DVR, or other Internet-of-things device, the malware blocks access to four ports known to be the most widely used vectors for infecting IoT devices. It also displays a cryptographically signed message on infected device terminals that describes its creator as "just a white hat, securing some systems."

Not your father's IoT botnet

But unlike the bare-bones functionality found in Mirai, Hajime is a full-featured package that gives the botnet reliability, stealth, and resilience that's largely unparalleled in the IoT landscape. Wednesday's technical analysis, which was written by Pascal Geenens, a researcher at security firm Radware, makes clear that the unknown person or people behind Hajime invested plenty of time and talent.

From the Ars Technica piece:

Hajime uses a decentralized peer-to-peer network to issue commands and updates to infected devices. This design makes it more resistant to takedowns by ISPs and Internet backbone providers. Hajime uses the same list of user name and password combinations Mirai uses, with the addition of two more. It also takes steps to conceal its running processes and files, a feature that makes detecting infected systems more difficult. Most interesting of all: Hajime appears to be the brainchild of a grayhat hacker, as evidenced by a cryptographically signed message it displays every 10 minutes or so on terminals. The message reads:

Just a white hat, securing some systems.
Important messages will be signed like this!
Hajime Author.
Contact CLOSED
Stay sharp!

Another sign Hajime is a vigilante-style project intended to disrupt Mirai and similar IoT botnets: It blocks access to four ports known to be vectors used to attack many IoT devices. Hajime also lacks distributed denial-of-service capabilities or any other attacking code except for the propagation code that allows one infected device to seek out and infect other vulnerable devices.
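A defensive counterpart to the propagation behaviour described above, added here as an example and not code from the article, Ars, Radware, or Hajime itself: a small detector that flags telnet logins attempted with factory-default credentials, which is the only way Mirai and Hajime get onto a device. The log line format is an assumption constructed for the example, the sample lines are constructed, and the credential set is a handful of illustrative factory defaults, not the actual Mirai/Hajime list (the page does not reproduce it, nor the two extra pairs Hajime adds).

```python
"""Flag Mirai/Hajime-style default-credential telnet logins in an auth log.

Added example, not from the article or from Hajime/Mirai. The log format,
the sample lines and the credential set below are all constructed for
illustration; DEFAULT_CREDS is NOT the real Mirai/Hajime list.
"""
import re
from collections import defaultdict

# Constructed: a few widely known factory-default pairs (illustrative only).
DEFAULT_CREDS = {
    ("root", "xc3511"), ("root", "vizxv"), ("admin", "admin"),
    ("root", "admin"), ("root", "root"), ("support", "support"),
}

# Assumed log format (constructed for this example):
#   <timestamp> telnetd[<pid>]: <ok|fail> login user=<u> pass=<p> from <ip>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) telnetd\[\d+\]: (?P<result>ok|fail) login "
    r"user=(?P<user>\S+) pass=(?P<pw>\S*) from (?P<ip>[\d.]+)$"
)


def parse_line(line):
    """Return the parsed fields of one telnetd line, or None if it is not one."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def analyze(lines, fail_threshold=3):
    """Return (alerts, per_ip_default_cred_failures).

    Two alert kinds:
      ("default-cred-login", ip, user, pw)  a *successful* login with a
          default pair: this is the actual infection event for these worms.
      ("default-cred-scan", ip, n)  a source that failed >= fail_threshold
          times using default pairs: the worm's scanning/propagation phase.
    Logins with non-default credentials, successful or not, are ignored so
    that ordinary users' typos do not trip the scan alert.
    """
    alerts = []
    fails = defaultdict(int)
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue  # unrelated daemon or malformed line
        if (ev["user"], ev["pw"]) not in DEFAULT_CREDS:
            continue
        if ev["result"] == "ok":
            alerts.append(("default-cred-login", ev["ip"], ev["user"], ev["pw"]))
        else:
            fails[ev["ip"]] += 1
    for ip, n in fails.items():
        if n >= fail_threshold:
            alerts.append(("default-cred-scan", ip, n))
    return alerts, dict(fails)


# Constructed sample log: one scanner working down the list, one box that
# actually falls to root/admin, one legitimate login, one unrelated sshd line.
SAMPLE_LOG = [
    "2017-05-03T15:00:01Z telnetd[812]: fail login user=root pass=xc3511 from 198.51.100.7",
    "2017-05-03T15:00:02Z telnetd[812]: fail login user=root pass=vizxv from 198.51.100.7",
    "2017-05-03T15:00:03Z telnetd[812]: fail login user=admin pass=admin from 198.51.100.7",
    "2017-05-03T15:00:04Z telnetd[812]: fail login user=admin pass=admin from 203.0.113.9",
    "2017-05-03T15:00:05Z telnetd[812]: ok login user=root pass=admin from 203.0.113.9",
    "2017-05-03T15:00:06Z telnetd[812]: ok login user=alice pass=S3cret from 192.0.2.20",
    "2017-05-03T15:00:07Z sshd[900]: Accepted publickey for bob from 192.0.2.21 port 50022",
]


def run_sample():
    """Run the detector over the constructed sample and return its alerts."""
    alerts, _ = analyze(SAMPLE_LOG)
    return alerts


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

On the constructed sample this raises one infection alert for 203.0.113.9 (the root/admin success) and one scan alert for 198.51.100.7 (three default-pair failures); the single failure from 203.0.113.9 stays below the threshold and the alice and sshd lines are ignored. On a real device the same idea applies, but the honest fix the article implies is the one Hajime performs by force: change the default credentials and stop exposing telnet at all.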

Is it right for geeks to use their powers in this way?

  • (Score: 5, Insightful) by fyngyrz on Wednesday May 03 2017, @03:35PM (5 children)

    by fyngyrz (6567) on Wednesday May 03 2017, @03:35PM (#503694) Journal

    People hold their ignorance aloft as if it is a prize to be kept proudly untainted.

It's possible your A/C tech was unaware of his own ignorance. He probably thinks an IoT thermostat is just a "more convenient thermostat", and the reason he thinks that is because no one's informed him there is more to know.

    Disdain is not always the appropriate reaction. Be kind by default. The high road is a nice place to be. Plus, you can do some gentle teaching, and those benefits can go far.

  • (Score: 3, Insightful) by Justin Case on Wednesday May 03 2017, @03:46PM (4 children)

    by Justin Case (4239) on Wednesday May 03 2017, @03:46PM (#503707) Journal

    It's possible your A/C tech was unaware of his own ignorance.

    Quite likely you are correct. We have spoon-fed a culture that now believes expertise is appropriate for every discipline except the most complicated invention on the planet! For that, marketdroids said, you need no knowledge. And people bought it! In both senses of the word "bought".

    That's why only a massive wake-up call has any hope of getting through.

    • (Score: 2) by NotSanguine on Wednesday May 03 2017, @04:23PM

      Quite likely you are correct. We have spoon-fed a culture that now believes expertise is appropriate for every discipline except the most complicated invention on the planet! For that, marketdroids said, you need no knowledge. And people bought it! In both senses of the word "bought".

      That's why only a massive wake-up call has any hope of getting through.

      Actually, our culture has been tending toward disdaining expertise altogether, much to our detriment.

      Tom Nichols' [wikipedia.org] book, The Death of Expertise [oup.com] discusses this at some length.

If you are concerned about spending US$25.00 on said book, you can check out Nichols discussing his book [c-span.org].

      --
      No, no, you're not thinking; you're just being logical. --Niels Bohr
    • (Score: -1, Offtopic) by kurenai.tsubasa on Wednesday May 03 2017, @04:32PM (2 children)

      by kurenai.tsubasa (5227) on Wednesday May 03 2017, @04:32PM (#503744) Journal

      I think you've captured it. I'd like to add:

This is the same thing underpinning the “misogynerd narrative.” How many people pushing the misogynerd narrative have even read and comprehended Lovelace's Notes? How many people read the Notes and realized on their own that Lovelace was writing about MP3 players among many other things 150 years before any such devices would ever be invented?

      The public has somehow become convinced that computers are magic. When a womyn-born-womyn gets a compiler error, there's a thousand white knights around to come to her aid and blame the first assigned male who isn't being a good little sex object for intentionally designing the compiler to be unusable by womyn-born-womyn?

      They tell us it's not the womyn-born-womyn's fault she's not understanding that compilers are more strict than my high school English teacher. They act like Lovelace never wrote what she did about how computers have no ability to originate analysis.

      The Analytical Engine has no pretensions whatever to originate anything. It can do whatever we know how to order it to perform. It can follow analysis; but it has no power of anticipating any analytical relations or truths. Its province is to assist us in making available what we are already acquainted with.

      When a computer program a modern womyn-born-womyn writes does something unexpected, rather than following Lovelace's guidance about the capabilities and limitations of computers, they blame, blame, blame, blame. Obviously, when a womyn-born-womyn's program goes wrong, it must be the fault of the assigned male who hasn't prostituted himself out to enough womyn-born-womyn. It couldn't possibly be because “it has no power of anticipating any [ANY!] analytical relations or truths!”

      Learning programming is obviously dead simple. All us assigned males are just lying about the complexity involved because we just hate women, for reasons. Anybody who says otherwise will be cross-examined as a sexual object, a presumed homosexual, and an inferior being who's acting out of his assigned caste by daring to question a womyn-born-womyn with an hour of code's worth of experience.

      Sketch of The Analytical Engine Invented by Charles Babbage With notes upon the Memoir by the Translator ADA AUGUSTA, COUNTESS OF LOVELACE [fourmilab.ch]

      • (Score: 2) by mcgrew on Wednesday May 03 2017, @05:08PM (1 child)

        by mcgrew (701) <publish@mcgrewbooks.com> on Wednesday May 03 2017, @05:08PM (#503769) Homepage Journal

        The public has somehow become convinced that computers are magic.

        Of course they have. As Clarke pointed out, any sufficiently advanced technology is indistinguishable from magic.

        One day when my great nephew was four, I was visiting my sister and the kid asked her how computers work. She smiled, shrugged, and said "It's magic!" Clarke was 100% correct. You and I know how computers work, but normals don't. That's why they call us wizards.

        --
        mcgrewbooks.com mcgrew.info nooze.org