Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Justa

...but configuring the fridge to talk on your WiFi network is one of the first things you’ll do when installed. This is “Trojan Horse” in a very real sense.


39 posted on 01/17/2014 8:22:48 AM PST by fuzzylogic (welfare state = sharing consequences of poor moral choices among everybody)
[ Post Reply | Private Reply | To 20 | View Replies ]

To: fuzzylogic

The article doesn’t talk about a trojan horse with these devices it talks about spamm emails sent from the devices, ergo the premise WiFi was unsecured. If the WiFi was secured the hackers’ entry point from the internet would not have been able to get into the premise WiFi network to obtain and use the network ID of these devices to send their spamm emails out the premise WiFi/router’s internet connection. If some of those network IDs are ‘toaster[unique ID]@usersISP.com’ so what. It still gives the spammer an email address to use and that’s all they care about.

And even if the appliance had trojan hardware (like the irons in Russia) it still requires an unsecured, DHCP-enabled WiFi LAN to get out to the internet and contact the hacker to enable the exploitation of the LAN and its devices.

The attack goes something like this:
Get users’ IP address off message boards, ISPs, etc. Scan the subnets looking for an unsecured or default password premise modem/routers supplied by the ISP (which they know the default passwords for). Access the unsecured router to get a list of LAN IDs. Use those IDs to send traffic to the premise router to send out their spamm emails. That way the emails orginate from non-blocked domains and known spammers.

There is more to it but there are plenty of ways to avoid your appliances getting cease-and-dissist email from your ISP. Setting a password on the ISP router/modem, disabling ISP email and blocking the router’s port 25 are a few simple ways.

It’s just spammers looking to get around their notariety to ISPs and security programs. They need an innocent ISP account (and router) to send their spamm.


44 posted on 01/17/2014 9:40:22 AM PST by Justa
[ Post Reply | Private Reply | To 39 | View Replies ]
To: fuzzylogic

WiFi-enabled devices and WiFi-enabled ISP routers typically are preset for DHCP. On an unsecured WiFi network the new WiFi appliances will auto-join the local network. No user action required. This is what the hackers are looking for. The fridge just provides an additional email account to send their spamm out the WiFi router.

And the “business hacking” is most likely a business complementary WiFi for their customers in the waiting room. Like Joe’s Auto Repair w/free WiFi. They don’t secure it because they’d then have to setup every user. Even though their WiFi network is only a network access point their WiFi-enabled appliance has a network ID to exploit for spamming. In this case the fix is to block everything on their premise router but what’s needed for their customers (port 80, 443, etc.) particularly the mail ports (24, 25, 57, 109, 110, etc.).


45 posted on 01/17/2014 10:03:35 AM PST by Justa
[ Post Reply | Private Reply | To 39 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson