philchillbill wrote: > A few years ago, I wrote a shell script that I installed on my SB-Radio > to read out its internal light sensor and post that data to Domoticz in > a 5-second CRON. I could do that by SSHing into the Radio and by knowing > its a Linux-based device, I could find my way around on its file system > pretty quickly. > > When my script is running, it in no way changes the behavior of the SBR > from a users perspective. That did make me very aware of what happens > when a device on your local LAN is compromised to become part of a > botnet. My code wasnt malicious and I wrote it myself, but what if? > > To get in to the SBR, you have to navigate the menu structure in the > players GUI and enable SSH. In theory you need physical access to the > player to do that. But of course if theres a zero-day in the BusyBox > then who knows > > The chances are very, very, very small. But never, ever, say never.
Thanks a lot for your replies. The main trigger for my concern are the frequent warnings in the media about smart home appliances (like dishwashers with wifi) that are often not updated, so that unpatched weaknesses can be exploited by hackers who then can enter your home network and sniff out what you're doing on your other devices, such as phone and computer. So my assumption was that eventually in every device that is longer on the market, weaknesses may be discovered and exploited. The same also applies for computers and phones, of course. But your testing puts my mind at least a little, awesome that you did that, philchillbill. ------------------------------------------------------------------------ jablonski's Profile: http://forums.slimdevices.com/member.php?userid=23317 View this thread: http://forums.slimdevices.com/showthread.php?t=115017
_______________________________________________ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss