Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums'Devastating' bug pops secure doors at airports, hospitals
http://www.theregister.co.uk/2016/04/04/devastating_bug_pops_secure_doors_at_airports_hospitals/ Criminals could waltz into secure zones in airports and government facilities by hacking and jamming open doors from remote computers over the Internet, DVLabs researcher Ricky Lawshae says.
The since-patched vulnerabilities affect HID's flagship VertX and Edge controllers which are distributed in scores of busy locations and large global enterprises.
...
All it takes Lawshae says is "a few simple UDP packets" for the "potentially devastating bug" to be exploited. Authentication is not required.
Lawshae says the attacks, which can open every door in a building, are possible because of a command injection vulnerability in a LED blinking lights service.
The since-patched vulnerabilities affect HID's flagship VertX and Edge controllers which are distributed in scores of busy locations and large global enterprises.
...
All it takes Lawshae says is "a few simple UDP packets" for the "potentially devastating bug" to be exploited. Authentication is not required.
Lawshae says the attacks, which can open every door in a building, are possible because of a command injection vulnerability in a LED blinking lights service.
The Internet of Things: millions of unpatched embedded systems, generally running as root...
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
8 replies, 1590 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (16)
ReplyReply to this post
8 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
'Devastating' bug pops secure doors at airports, hospitals (Original Post)
Recursion
Apr 2016
OP
WhiteTara
(29,721 posts)1. We have had a massive invasion of Lady Bugs
and when I read the title of your article I envisioned millions of the little creatures worming their way through the doors!
Sorry, I realize this is a serious matter!
Lordquinton
(7,886 posts)6. You would be surprised the damage a ladybeetle can do
Or a butterfly.
Paulie
(8,462 posts)2. Google infusion pump root telnet no password.
And these are the old ones pre IOT and Fog.
Unsecured telnet, unsecured FTP, a CGI interface, and the wireless keys kept in plaintext...
Paulie
(8,462 posts)5. They said none of this mattered since you couldn't change the dosing
Then someone showed how to change the dosing. It's quite shocking.
A lot of the old automation gear is in old rough shape and lots plugged directly into the raw Internet. We used to talk about SCADA a few years ago, now, crickets.
oasis
(49,396 posts)4. Kick and recommend for a serious matter.
vanlassie
(5,681 posts)7. I think I understood 1/32 of what has been said here.
bemildred
(90,061 posts)8. "a few simple UDP packets"
It's a broadcast attack.
UDP is "User Datagram Protocol", very low level.