nanog mailing list archives
Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey
From: Stephen Satchell <list () satchell net>
Date: Wed, 28 Sep 2016 05:30:08 -0700
On 09/28/2016 12:33 AM, Eliot Lear wrote:
It's not just consumers that need to understand this. Manufacturers of Things are right now on a steep learning curve. Consider that thermostat, for just a moment. In The Gold Old Days, before it had a network interface, the manufacturer cared about a handful of things like at what temperature to turn the heat or A/C on maybe with some adjustments for time of day or day or week. And that was it. That is their domain of expertise. Not security. Now the Internet looks like a new shiny object that promises to provide some cool new world capabilities, like letting people adjust the temp while they're away, or using weather forecasts to manage hysteresis effects. And so, the manufacturer initially thinks, we'll add an interface to the product, and a little bit of code, and we're done. Now the manufacturer has stepped outside their domain of expertise, and doesn't have a full understanding of the risks that need to be addressed. We as experts in this domain can help by informing manufacturers of those risks.
Many manufacturers will outsource the Internet portion of their product to a software provider, not build from scratch "in house". The people we really need to get to are the ones that *provide* those packages the manufacturers use.
In the case of embedded Linux solutions, the discussion need only be about what knobs to turn, and how far.
Current thread:
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey, (continued)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Alan Buxey (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jared Mauch (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mark Andrews (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Patrick W. Gilmore (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Patrick W. Gilmore (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Eliot Lear (Sep 28)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Stephen Satchell (Sep 28)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Keith Stokes (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brielle Bruns (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Roland Dobbins (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Peter Beckman (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 27)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jared Mauch (Sep 27)