In message <CAF-Wqd5kuxZwFZ5gwCP9-k7chX6y06JMoMoZdvP_i2oRvbmFUg@mail.gmail.com> Ken Matlock <matlockken@gmail.com> wrote:
Fixing the current wave of 'IoT' devices and phones and Tv's etc is only putting a bandaid on a broken arm. It gives the illusion of progress...
Until we accept that it's *everyone's* problem and work to fix the things under our control and work as an advocate for the other layers, we will continue to suffer attacks.
Agreed. Even if we could snap our fingers and fix the whole morass that is the IoT problem tomorrow, that still wouldn't prevent dumb consumers from pulling their dusty old Windows XP laptops own out of their closets and hooking them up directly to the Internet. Nor would it do anything about the small ISPs that have "mailbox full" abuse@ addresses, or the even larger ISPs that allow deliberately spoofed packets out onto the public Internet, or the Tier 1s that still peer with known utterly irresponsible ASNs. But, ya know, you gotta start someplace. And we can't let the perfect be the enemy of the good. That just won't wash anymore, I think. Not after last Friday. I put forward what I think is a reasonbly modest scheme to try to get IoT things to place hard limits on their "unsolicited" packet output at the kernel level, and I'm going to go off now and try to find and then engage some Linux embedded kernel people and see what they think. Maybe the whole thing is a dumb idea and not worth persuing, but I'm not con- vinced of that yet. So I'll go off, investigate in some more appropriate forum, and report back here if/when I have anything useful to say. Hacking embedded kernels to make them fault-tolerant, even in the event of attackers getting a root shell prompt, isn't going to save the world from DDoS attacks, but it may be one small part of the solution. Regards, rfg P.S. In the scheme I proposed, I left out one additional nicety that embedded kernels could also do to enhance security, namely disabling raw sockets completely in the kernel. No normal IoT thing needs the ability to forge outbound packets. But I would be willing to bet my bottom dollar, right now, that if we poked around long enough we could surely find some easily break-in-able busybox-based thingies out there, right now, as we speak, into which a binary could dropped that would have no trouble at all opening raw outbound sockets. BCP38 for toasters anyone?