>>> ddos attack like against Dyn > >I could be wrong, but I believe that Dyn was DDoSed by the Mirai botnet, >which propagates by exploiting devices configured with default credentials. >This has nothing to do with outdated firmwares.
The problem is that you cannot realistically update those firmwares. If is trivial to compile a new firmware for those devices that doesn't request upnp to open ports to telnet or ssh. But is is impossible to deploy such an update. For consumer electronics, we cannot rely on consumers to actually download and install new firmware. So part of the solution to securing those devices has to be that (out of the box) they will update automatically. For the same reason, having lots of devices on the internet that have been abandoned by the vendor is also a huge security risk. So ideally those devices should shutdown automatically. Note that PCs, browsers, etc. are now somewhat secure because they update automatically. We need to do the same will all other devices connected to the internet. _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
