On 5/1/13 12:22 PM, Alfredo Covaleda Vélez wrote:
I find it incredible that 420,000 Linux users are so careless and do not pay the least attention to the most basic security measure, which is having a password to enter the profile. It is also interesting to see the level of access of Linux worldwide.

I have read the paper (but only once through) and it appears that most if not all of the machines in question are in fact "embedded" computers running inside of printers, webcams, NAS devices, set-top internet devices (game consoles/Netflix boxes/etc) and even industrial control systems. I do not see anywhere where "real computers" are excluded; I assume that they are (mostly) self-excluded by not having a telnet port open and/or having more security than no password or admin/admin or root/root as password.

I would call this more of an exploit than a hack (if the difference matters)... and the humility shown in the work and in the paper is surprising. If you read deep enough, you will discover that a side-effect of this work was to take very limited steps to lame another botnet being deployed at the same time, known as "Aida". All of the resulting data is available online ~.6TB worth... I'll be interested in subsequent analysis!

My own work in the area is 6-10 years old and while I followed most of the jargon and acronyms in the paper, I felt incredibly out of date!

- Steve

This researcher/engineer
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
