this post was submitted on 12 Nov 2023
1480 points (96.1% liked)

tumblr

3365 readers
5 users here now

Welcome to /c/tumblr, a place for all your tumblr screenshots and news.

Our Rules:

  1. Keep it civil. We're all people here. Be respectful to one another.

  2. No sexism, racism, homophobia, transphobia or any other flavor of bigotry. I should not need to explain this one.

  3. Must be tumblr related. This one is kind of a given.

  4. Try not to repost anything posted within the past month. Beyond that, go for it. Not everyone is on every site all the time.

  5. No unnecessary negativity. Just because you don't like a thing doesn't mean that you need to spend the entire comment section complaining about said thing. Just downvote and move on.


Sister Communities:

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] bitwolf@lemmy.one 20 points 11 months ago (3 children)

The issue is that the thermostat can be used as a jump box into your network.

That's when/where all the nefarious things happen.

[–] frezik@midwest.social 6 points 11 months ago

This is why I like boarderless security, and did even before all these smart devices came around. Every device should be responsible for its own security. It meant your laptop is still protected when you're on some random wifi network. Networks shouldn't be built like eggs; hard on the outside, soft on the inside.

It does take more technical skill to setup, though.

[–] groucho@lemmy.sdf.org 5 points 11 months ago (1 children)

Or they could just dime out the heat/AC and give you a huge energy bill. Or kill the furnace in the winter, while you're on vacation, and let your pipes burst.

[–] RGB3x3@lemmy.world 2 points 11 months ago* (last edited 11 months ago) (1 children)

Nobody is doing that. A hacker doesn't cause chaos just for the fun of it. They have nothing to gain by playing with your thermostat when they can spend less man-power exploiting corporations for money and data.

[–] groucho@lemmy.sdf.org 1 points 11 months ago (1 children)
[–] RGB3x3@lemmy.world 1 points 11 months ago

Yeah, but:

The downside, though, is that installing the ransomware, currently, requires the hackers to either have physical access to the thermostat or trick the victim into loading malicious files on the device on his own.

And if a hacker is in your home, they're not a hacker. They're just a burglar.

[–] greenskye@lemm.ee 2 points 11 months ago (1 children)

Realistically speaking who targets an individual house in the hopes of accessing something important and usable when companies lose millions of customer financial and personal information basically every month?

[–] Nahdahar@lemmy.world 5 points 11 months ago (1 children)

Nobody attacks an individual house, people exploit vulnerabilities en masse.

[–] RGB3x3@lemmy.world 1 points 11 months ago (2 children)

To do what though? People are worried about their internal network being compromised, but the average person has basically nothing worth stealing on their home network given the insane amount of work it takes to compromise it.

The fears of your internal home network being compromised are way overblown.

[–] Nahdahar@lemmy.world 1 points 11 months ago (1 children)

A main example that comes to mind is nanny cam or iot security cam ransoms for example. They don't target specific individuals at first, they exploit a mass vulnerability, gather sensitive footage then blackmail. Another example, while not directly affecting IoT users' lives was the Mirai botnet attack.

[–] greenskye@lemm.ee 1 points 11 months ago

This implies looking at hundreds of thousands of nanny cams, for probably lots of hours before you end up with any footage thts worthy of 'blackmail'. And I'd bet many homes would literally never have anything blackmail worthy even happen on camera. Oh no, they saw me naked!?! What am I going to do if my coworkers found out I walk around naked in my own home. I'd just tell them to take a hike and release my naked footage if they really wanted to.

[–] milicent_bystandr@lemm.ee 1 points 11 months ago

It's not just damage to your home network, it's using that as part of botnets do do other crime. And it's collecting data on you for sleazy purposes, that then gets leaked (sometimes) to those who want to use it for crime.

the insane amount of work it takes to compromise it.

Really?

The great thing about software is once you develop an insane trick to get into one child's internet-connected doll (oh yes, there's that too) you can roll it out to try ten million dolls across the world.