this post was submitted on 12 Nov 2023
1480 points (96.1% liked)
tumblr
3365 readers
5 users here now
Welcome to /c/tumblr, a place for all your tumblr screenshots and news.
Our Rules:
-
Keep it civil. We're all people here. Be respectful to one another.
-
No sexism, racism, homophobia, transphobia or any other flavor of bigotry. I should not need to explain this one.
-
Must be tumblr related. This one is kind of a given.
-
Try not to repost anything posted within the past month. Beyond that, go for it. Not everyone is on every site all the time.
-
No unnecessary negativity. Just because you don't like a thing doesn't mean that you need to spend the entire comment section complaining about said thing. Just downvote and move on.
Sister Communities:
-
/c/TenForward@lemmy.world - Star Trek chat, memes and shitposts
-
/c/Memes@lemmy.world - General memes
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The issue is that the thermostat can be used as a jump box into your network.
That's when/where all the nefarious things happen.
This is why I like boarderless security, and did even before all these smart devices came around. Every device should be responsible for its own security. It meant your laptop is still protected when you're on some random wifi network. Networks shouldn't be built like eggs; hard on the outside, soft on the inside.
It does take more technical skill to setup, though.
Or they could just dime out the heat/AC and give you a huge energy bill. Or kill the furnace in the winter, while you're on vacation, and let your pipes burst.
Nobody is doing that. A hacker doesn't cause chaos just for the fun of it. They have nothing to gain by playing with your thermostat when they can spend less man-power exploiting corporations for money and data.
Really? Ok, that could be a one-off: here's a more concrete example.
Yeah, but:
And if a hacker is in your home, they're not a hacker. They're just a burglar.
Realistically speaking who targets an individual house in the hopes of accessing something important and usable when companies lose millions of customer financial and personal information basically every month?
Nobody attacks an individual house, people exploit vulnerabilities en masse.
To do what though? People are worried about their internal network being compromised, but the average person has basically nothing worth stealing on their home network given the insane amount of work it takes to compromise it.
The fears of your internal home network being compromised are way overblown.
A main example that comes to mind is nanny cam or iot security cam ransoms for example. They don't target specific individuals at first, they exploit a mass vulnerability, gather sensitive footage then blackmail. Another example, while not directly affecting IoT users' lives was the Mirai botnet attack.
This implies looking at hundreds of thousands of nanny cams, for probably lots of hours before you end up with any footage thts worthy of 'blackmail'. And I'd bet many homes would literally never have anything blackmail worthy even happen on camera. Oh no, they saw me naked!?! What am I going to do if my coworkers found out I walk around naked in my own home. I'd just tell them to take a hike and release my naked footage if they really wanted to.
It's not just damage to your home network, it's using that as part of botnets do do other crime. And it's collecting data on you for sleazy purposes, that then gets leaked (sometimes) to those who want to use it for crime.
Really?
The great thing about software is once you develop an insane trick to get into one child's internet-connected doll (oh yes, there's that too) you can roll it out to try ten million dolls across the world.