On 2016-10-25 04:10, Ronald F. Guilmette wrote:
If all of the *&^%$# damn stupid vacation pet feeders had originally shipped with outbound rate limits hard-coded in the kernel, maybe this could have been avoided.
I view this differently. The problem is in allowing inbound connections and going as far as doing UPnP to tell the CPE router to open a inbound door to let hackers loging to that IoT pet feeder to turn it into an agressive DNS destroyer. Then again, you need to have the owner access the pet feeder from the remote beach to feed the dog. One way around this is for the pet feeder to initiate outbound connection to a central server, and have the pet onwer connect to that server to ask the server to send command to his pet feeder to feed the dog. This way, there need not be any inbound connection to the pet feeder.