AOH :: ISNQ5200.HTM

Webcams, printers, gizmos - the untold net threats

Webcams, printers, gizmos - the untold net threats
Webcams, printers, gizmos - the untold net threats


http://www.theregister.co.uk/2009/07/16/buggy_web_interface_peril/ 

By Dan Goodin in San Francisco
The Register
16th July 2009

Forget mis-configured Apache servers and vulnerability-laden Adobe 
applications. The biggest security threats to business and home networks 
may be the avalanche of webcams, printers, and other devices that ship 
with embedded web interfaces that can easily be turned against their 
masters.

The web interfaces are designed to make it easy to manage the devices by 
allowing people to use a readily familiar medium to change settings such 
as file names and IP addresses. But there's a catch: The low-cost 
gadgets were never designed to withstand attacks, even though they 
interact with some of the most sensitive parts of a computer network, 
says a team of researchers at Stanford University that tested 21 devices 
made by 16 different manufacturers.

"We didn't find a single secure device," said Hristo Bojinov, a PhD 
candidate at Stanford's Computer Security Lab, who plans to present the 
findings later this month at the Black Hat security conference in Las 
Vegas. "It tells us that it's a long tail that's completely overlooked 
right now."

The device that posed the highest number of threats was NAS, or 
network-attached storage, units, which were susceptible to all five 
attack classes considered in the study.

[...]


_______________________________________________      
Attend Black Hat USA, July 25-30 in Las Vegas, 
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

Site design & layout copyright © 1986- CodeGods