> >I could be wrong, but I believe that Dyn was DDoSed by the Mirai > >botnet, which propagates by exploiting devices configured with default > credentials. > >This has nothing to do with outdated firmwares. > > The problem is that you cannot realistically update those firmwares.
Many companies provide devices that do automated updates. It's totally realistic to update firmwares. There exist various methods, tools and best practices. The problem is that some manufacturers don't bother to make their devices upgradable. By not having to maintain the firmware of shipped devices, the devices can be sold very inexpensively. So price-conscious consumers will buy them, instead of the more expensive, well-maintained devices. > It is trivial to compile a new firmware for those devices that doesn't request > upnp to open ports to telnet or ssh. But is is impossible to deploy such an > update. I can't speak for others, but DIRECTV set-top-boxes all do auto update, as do Digital Life IoT devices, and U-verse residential gateways. I think iControl IoT devices do, too. So, no, it's not impossible. It's just cheaper and requires less skill and effort to create devices that can't be updated. The exploited vulnerabilities (in the Dyn attack) have been known for years, and fixes have been available for years. Even after they were known, new units were still shipping with the vulnerability. Secure methods for updating devices and best practices for using these methods have existed for years. If the device manufacturer had built in a mechanism to allow for secure, automated updates (and not hard-coded a default password for access to all devices that couldn't even be changed by firmware update), and had made updates available in a timely manner, there wouldn't have been vast numbers of devices to exploit. > For consumer electronics, we cannot rely on consumers to actually download > and install new firmware. So part of the solution to securing those devices > has to be that (out of the box) they will update automatically. +1 > For the same reason, having lots of devices on the internet that have been > abandoned by the vendor is also a huge security risk. So ideally those devices > should shutdown automatically. Which means the vendor would still be responsible for building in a remote "kill switch". Ideally, manufacturers would be required to warn consumers prior to purchase that the device will be bricked (or maybe just have all IP connectivity disabled) if it is ever discovered to have an easily exploitable vulnerability. > Note that PCs, browsers, etc. are now somewhat secure because they > update automatically. We need to do the same with all other devices > connected to the internet. +1 Barbara _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet