From arussell at stevens.edu Tue Jan 7 09:24:52 2014 From: arussell at stevens.edu (Andrew Russell) Date: Tue, 7 Jan 2014 12:24:52 -0500 Subject: [ih] James Pelkey's History of Computer Communications, 1968-1988 Message-ID: <9B721334-4CE6-414C-81C4-DFE03AA5EBC9@stevens.edu> Colleagues - I invite you to take a look at Jim Pelkey's website/book, "Entrepreneurial Capitalism and Innovation: A History of Computer Communications, 1968-1988," available from http://www.historyofcomputercommunications.info/. Many chapters of this book have been online for a few years, but the final chapter is now posted and the narrative of the book is complete. In my view, there are a few aspects of Pelkey's work that set it apart from other accounts of computer communications and networking in these crucial decades. First, and most striking, Pelkey's narrative stops in 1988 - a time when the future of internetworking was far from settled. Because his account does not end with the explosion of the Internet, the dot-com boom in the 1990s, etc., it invites readers to ponder "what if" questions and to think more deeply about why the Internet emerged victorious from its competition with OSI. Second, the book's sources and units of analysis are different from existing accounts of computer networking (including my own work). As an investor in the 1980s, Pelkey was able to interview many protagonists of computer communications, collect market research, and focus on these events from a market perspective to explain what companies were making networking and internetworking equipment, what their customers wanted to do with it, and why there was so much churn in the industry. Readers can explore Pelkey's material through various market sectors (http://www.historyofcomputercommunications.info/MarketSectors/ExploreByMarketSectors.html), or through different types of organizations (http://www.historyofcomputercommunications.info/Organizations/OrganizationsHome.html). Third, the book honors the non-linear, hypertext spirit of the web. As Pelkey writes in his introduction, "To recreate a sense of the uncertainty each person or organization faced, as well as to give the reader the freedom to explore the history as fit one?s interest, the reconstruction assumed the form of a series of overlapping hypertext blocks organized within time. While this format provides a rich context for reader exploration, it does not lend itself to being published as a traditional book. Thus this website. I invite you to explore and come to your own conclusions as to what happened and why." There is much more to be said about this impressive body of research and writing - not to mention the historical events that it documents! - but I'll stop here. The 80 interviews that Pelkey conducted, most of them in 1988, are now at the Computer History Museum. So far there are transcripts of 10 interviews available on the website (including interviews with Licklider, Donald Davies, Bernard Strassberg, and Bob Metcalfe); it is my understanding that more transcripts will be available soon. The CHM (through Marc Weber, curator of its Internet History Program) has agreed to maintain the book permanently from the "Special Projects" menu at its website, http://www.computerhistory.org/explore/. For now, you can access it directly from http://www.historyofcomputercommunications.info/. Enjoy, and I am sure that Jim would be very happy to read your comments - his email appears above in the cc line. Cheers, Andy From jack at 3kitty.org Sat Jan 18 08:30:39 2014 From: jack at 3kitty.org (Jack Haverty) Date: Sat, 18 Jan 2014 08:30:39 -0800 Subject: [ih] Internet milestone - The Refrigerator Strikes Back Message-ID: This has just got to be a milestone for Internet historians: http://zeenews.india.com/news/net-news/hackers-use-connected-home-appliances-to-launch-global-cyberattack_905067.html When I saw this report, the final scene of the recent Hobbit movie flashed into my brain -- where the hero (Bilbo) laments "What have we done!!!?" Excuse me, I have to go configure my router so that my refrigerator can't talk to the outside world. I'm assuming of course that my router is still actually doing what I tell it to do. /Jack Haverty -------------- next part -------------- An HTML attachment was scrubbed... URL: From ian.peter at ianpeter.com Sat Jan 18 12:28:20 2014 From: ian.peter at ianpeter.com (Ian Peter) Date: Sun, 19 Jan 2014 07:28:20 +1100 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: References: Message-ID: But wasn't the first example of this the Carnegie-Mellon Coke machine in 1982? http://knowyourmeme.com/memes/internet-coke-machine Message: 1 Date: Sat, 18 Jan 2014 08:30:39 -0800 From: Jack Haverty Subject: [ih] Internet milestone - The Refrigerator Strikes Back To: "internet-history at postel.org" Message-ID: Content-Type: text/plain; charset="iso-8859-1" This has just got to be a milestone for Internet historians: http://zeenews.india.com/news/net-news/hackers-use-connected-home-appliances-to-launch-global-cyberattack_905067.html When I saw this report, the final scene of the recent Hobbit movie flashed into my brain -- where the hero (Bilbo) laments "What have we done!!!?" Excuse me, I have to go configure my router so that my refrigerator can't talk to the outside world. I'm assuming of course that my router is still actually doing what I tell it to do. /Jack Haverty -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.postel.org/pipermail/internet-history/attachments/20140118/24f923f3/attachment-0001.html ------------------------------ _______________________________________________ internet-history mailing list internet-history at postel.org http://mailman.postel.org/mailman/listinfo/internet-history End of internet-history Digest, Vol 82, Issue 2 *********************************************** From jnc at mercury.lcs.mit.edu Sat Jan 18 13:26:42 2014 From: jnc at mercury.lcs.mit.edu (Noel Chiappa) Date: Sat, 18 Jan 2014 16:26:42 -0500 (EST) Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) Message-ID: <20140118212642.D697618C152@mercury.lcs.mit.edu> > From: "Ian Peter" > But wasn't the first example of this [CMU] Coke machine in 1982? The Coke machine didn't, AFAIK, mount attacks on other ARPANet hosts (which was the point of Jack's message). Noel From jack at 3kitty.org Sat Jan 18 15:55:16 2014 From: jack at 3kitty.org (Jack Haverty) Date: Sat, 18 Jan 2014 15:55:16 -0800 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140118212642.D697618C152@mercury.lcs.mit.edu> References: <20140118212642.D697618C152@mercury.lcs.mit.edu> Message-ID: Exactly right - this is the first (that I've heard about) instance of our household appliances being taken over by a malevolent force and used to attack others, all via the Internet. You kind of expect your personal computers to be recruited -- after all they sit there saying "Program me!!" all day. But refrigerators, TVs, et al were more loyal, until now. Where's an exorcist when you need one? Actually, this is seriously a real problem....how do I get anti-virus software into my kitchen appliances? BTW, there was a Coke machine attached to the ARPANET in the mid 70s, well before IP was deployed, or the 1982 CMU machine. IIRC it had a specific IMP/port address (on MIT-AI I believe) to which you could Telnet and get back the current temperature of the contents of the machine. No one likes warm soda....or a long fruitless walk to a too recently stocked machine. /Jack On Sat, Jan 18, 2014 at 1:26 PM, Noel Chiappa wrote: > > From: "Ian Peter" > > > But wasn't the first example of this [CMU] Coke machine in 1982? > > The Coke machine didn't, AFAIK, mount attacks on other ARPANet hosts (which > was the point of Jack's message). > > Noel > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ian.peter at ianpeter.com Sat Jan 18 16:12:42 2014 From: ian.peter at ianpeter.com (Ian Peter) Date: Sun, 19 Jan 2014 11:12:42 +1100 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140118212642.D697618C152@mercury.lcs.mit.edu> References: <20140118212642.D697618C152@mercury.lcs.mit.edu> Message-ID: <8135FB2848E943CA8F968E03B24F4855@Toshiba> true, but there are some origins there -----Original Message----- From: Noel Chiappa Sent: Sunday, January 19, 2014 8:26 AM To: internet-history at postel.org Cc: jnc at mercury.lcs.mit.edu Subject: Re: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) > From: "Ian Peter" > But wasn't the first example of this [CMU] Coke machine in 1982? The Coke machine didn't, AFAIK, mount attacks on other ARPANet hosts (which was the point of Jack's message). Noel From jnc at mercury.lcs.mit.edu Sat Jan 18 16:15:41 2014 From: jnc at mercury.lcs.mit.edu (Noel Chiappa) Date: Sat, 18 Jan 2014 19:15:41 -0500 (EST) Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) Message-ID: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> > From: Jack Haverty > there was a Coke machine attached to the ARPANET in the mid 70s, well > before IP was deployed, or the 1982 CMU machine. IIRC it had a specific > IMP/port address (on MIT-AI I believe) to which you could Telnet and > get back the current temperature of the contents of the machine. I think that was actually SAIL, wasn't it? And it wouldn't have been connected directly to the IMP (that would have required an IMP interface, and a mini to run it); it was a peripheral on the PDP-10. (There may have been an NCP server that returned the status of the Coke machine, though.) Just like the elevator call hack at MIT... Oh, better not talk about that! :-) Noel From vint at google.com Sat Jan 18 16:50:25 2014 From: vint at google.com (Vint Cerf) Date: Sat, 18 Jan 2014 19:50:25 -0500 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> References: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> Message-ID: Stanford had a vending machine called the Prancing Pony that you would order from... v On Sat, Jan 18, 2014 at 7:15 PM, Noel Chiappa wrote: > > From: Jack Haverty > > > there was a Coke machine attached to the ARPANET in the mid 70s, well > > before IP was deployed, or the 1982 CMU machine. IIRC it had a > specific > > IMP/port address (on MIT-AI I believe) to which you could Telnet and > > get back the current temperature of the contents of the machine. > > I think that was actually SAIL, wasn't it? And it wouldn't have been > connected directly to the IMP (that would have required an IMP interface, > and a mini to run it); it was a peripheral on the PDP-10. (There may have > been > an NCP server that returned the status of the Coke machine, though.) > > Just like the elevator call hack at MIT... Oh, better not talk about that! > :-) > > Noel > -------------- next part -------------- An HTML attachment was scrubbed... URL: From randy at psg.com Sat Jan 18 17:56:47 2014 From: randy at psg.com (Randy Bush) Date: Sun, 19 Jan 2014 07:56:47 +0600 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: References: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> Message-ID: > Stanford had a vending machine called the Prancing Pony that you would > order from... and it would bet you doible or nothing From jack at 3kitty.org Sat Jan 18 18:10:31 2014 From: jack at 3kitty.org (Jack Haverty) Date: Sat, 18 Jan 2014 18:10:31 -0800 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> References: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> Message-ID: Correct. It was hooked somehow to a PDP-10. No one wrote an NCP for the coke machine. Although it *did* have quite a few FIFO buffers - might have made a decent gateway... I think lots of places had some kind of vending machine attached to their ARPANET host and somehow accessible via the net. Not sure who did it first. /Jack On Sat, Jan 18, 2014 at 4:15 PM, Noel Chiappa wrote: > > From: Jack Haverty > > > there was a Coke machine attached to the ARPANET in the mid 70s, well > > before IP was deployed, or the 1982 CMU machine. IIRC it had a > specific > > IMP/port address (on MIT-AI I believe) to which you could Telnet and > > get back the current temperature of the contents of the machine. > > I think that was actually SAIL, wasn't it? And it wouldn't have been > connected directly to the IMP (that would have required an IMP interface, > and a mini to run it); it was a peripheral on the PDP-10. (There may have > been > an NCP server that returned the status of the Coke machine, though.) > > Just like the elevator call hack at MIT... Oh, better not talk about that! > :-) > > Noel > -------------- next part -------------- An HTML attachment was scrubbed... URL: From johnl at iecc.com Sat Jan 18 18:10:53 2014 From: johnl at iecc.com (John Levine) Date: 19 Jan 2014 02:10:53 -0000 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: Message-ID: <20140119021053.96570.qmail@joyce.lan> >Actually, this is seriously a real problem....how do I get anti-virus >software into my kitchen appliances? You don't. The question is what moron allowed kitchen appliances to be remotely reprogrammed? From mfidelman at meetinghouse.net Sat Jan 18 19:44:02 2014 From: mfidelman at meetinghouse.net (Miles Fidelman) Date: Sat, 18 Jan 2014 22:44:02 -0500 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140119021053.96570.qmail@joyce.lan> References: <20140119021053.96570.qmail@joyce.lan> Message-ID: <52DB4A02.2010709@meetinghouse.net> John Levine wrote: >> Actually, this is seriously a real problem....how do I get anti-virus >> software into my kitchen appliances? > You don't. The question is what moron allowed kitchen appliances to > be remotely reprogrammed? At the very least, you can block ports at your router. Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra From brian.e.carpenter at gmail.com Sat Jan 18 19:55:16 2014 From: brian.e.carpenter at gmail.com (Brian E Carpenter) Date: Sun, 19 Jan 2014 16:55:16 +1300 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140119021053.96570.qmail@joyce.lan> References: <20140119021053.96570.qmail@joyce.lan> Message-ID: <52DB4CA4.9040709@gmail.com> I think the main danger today is wireless gateways where you can log in with admin/admin. I even encountered an ISP in the UK that set the password on all its consumer gateways to "password". When they say "Enter password" you do exactly that. Of course it's irresponsible but if they do that, why would they do better for a fridge? Those who do not learn from history, etc. Brian On 19/01/2014 15:10, John Levine wrote: >> Actually, this is seriously a real problem....how do I get anti-virus >> software into my kitchen appliances? > > You don't. The question is what moron allowed kitchen appliances to > be remotely reprogrammed? > > . > From paul at redbarn.org Sat Jan 18 19:55:56 2014 From: paul at redbarn.org (Paul Vixie) Date: Sat, 18 Jan 2014 19:55:56 -0800 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <20140119021053.96570.qmail@joyce.lan> References: <20140119021053.96570.qmail@joyce.lan> Message-ID: <52DB4CCC.2070009@redbarn.org> John Levine wrote: >> Actually, this is seriously a real problem....how do I get anti-virus >> software into my kitchen appliances? > > You don't. The question is what moron allowed kitchen appliances to > be remotely reprogrammed? i think that after the last ten years, it ought to be the case that any vendor who allows to be deployed an internet-connected device that is not field upgradeable (for security patches) and is not automatically lifetime-supported (for security patches) should be tried for crimes against humanity. CPE vendors, i'm looking at *you*. that said, i'd prefer that only the vendor be able to patch this stuff. regrettably, buffer-safe xml parsers are hard, but xml popularity increases. -------------- next part -------------- An HTML attachment was scrubbed... URL: From LarrySheldon at cox.net Sat Jan 18 20:57:15 2014 From: LarrySheldon at cox.net (Larry Sheldon) Date: Sat, 18 Jan 2014 22:57:15 -0600 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: References: <20140119001541.1FBAF18C16E@mercury.lcs.mit.edu> Message-ID: <52DB5B2B.9030903@cox.net> On 1/18/2014 8:10 PM, Jack Haverty wrote: > On Sat, Jan 18, 2014 at 4:15 PM, Noel Chiappa wrote: >> Just like the elevator call hack at MIT... Oh, better not talk about that! >> :-) Sounds like something really ought to be documented for the ages..... I have not seen mention of the Coke machine at JPL (or maybe it was CalTech) that had a display that could be used to post messages to people, or the mechanical hand you could use to chase the cats off the printer somewhere... -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non oritur actio Infallibility, and the ability to learn from their mistakes. (Adapted from Stephen Pinker) From b_a_denny at yahoo.com Sat Jan 18 22:56:15 2014 From: b_a_denny at yahoo.com (Barbara Denny) Date: Sat, 18 Jan 2014 22:56:15 -0800 (PST) Subject: [ih] Internet milestone - The Refrigerator Strikes Back In-Reply-To: References: Message-ID: <1390114575.10210.YahooMailNeo@web160503.mail.bf1.yahoo.com> Here is a pretty good recollection of the coke machine at CMU. https://www.cs.cmu.edu/~coke/history_long.txt Even though I went to CMU, ?I don't really know much about its history (I left in 1981). barbara -------------- next part -------------- An HTML attachment was scrubbed... URL: From fergdawgster at mykolab.com Sun Jan 19 08:42:40 2014 From: fergdawgster at mykolab.com (Paul Ferguson) Date: Sun, 19 Jan 2014 08:42:40 -0800 Subject: [ih] Your refrigerator probably hasn't joined a botnet In-Reply-To: <52DBFEFA.9050103@mykolab.com> References: <52DBFEFA.9050103@mykolab.com> Message-ID: <52DC0080.1010109@mykolab.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 No sense in writing this twice. :-) Here is something that I sent to libtech just a few minutes ago... although not "historical", it is important, I think, to properly frame the situation as it stands today -- we're moving into new territory every day. Some it if is... predictably dangerous if proper safeguards are not incorporated up-front instead of "bolted on" after deployment (which usually always fails). - - ferg - -------- Original Message -------- Subject: [liberationtech] Your refrigerator probably hasn't joined a botnet Date: Sun, 19 Jan 2014 08:36:10 -0800 From: Paul Ferguson Reply-To: fergdawgster at mykolab.com, liberationtech Organization: Clowns R. Mofos To: liberationtech This nonsense about refrigerators being part of a botnet is not an accurate depiction of the world we live in today, but more of a warning of where things can go wrong in the future, while technologists are rushing headlong into the Internet of Things (IoT). While there are certainly some interesting real-world examples of unintended consequences of consumer devices being infected by Trojan Horse programs and other malware (e.g. digital cameras and picture frames coming directly into the retail market "pre-infected" from the manufacturer, hospital healthcare devices becoming infected by computer worms through incidental contact, etc.), most cases today are incidental. Via BoingBoing: "A mediagenic press-release from Proofpoint, a security firm, announced that its researchers had discovered a 100,000-device-strong botnet made up of hacked 'Internet of Things' appliances, such as refrigerators. The story's very interesting, but also wildly implausible as Ars Technica's Dan Goodin explains." "The report is light on technical details, and the details that the company supplied to Goodin later just don't add up. Nevertheless, the idea of embedded systems being recruited to botnets isn't inherently implausible, and some of the attacks that Ang Cui has demonstrated scare the heck out of me." http://boingboing.net/2014/01/18/your-refrigerator-probably-has.html Don't get sucked in by the IoT marketing hype, but -- and it is a *big* but -- there definitely is a potential for this headlong rush into the Internet of Things can develop into the unfortunate situation where no one spent enough time thinking about the security posture of such actions. If no one spends time up front thinking about these implications, we can have a real mess on our collective hands. - - ferg - -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. - -- Paul Ferguson PGP Public Key ID: 0x54DC85B2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlLcAIAACgkQKJasdVTchbIMVwD9EaHANJUpKLRI4ZmIOUHbKP18 bgZaDBCkeXpHi6nZNEQBAIWxnLzkHI/rqIc3gz6ntcrErfGLHaC1ypn7M3bFdscz =wh9j -----END PGP SIGNATURE----- From jack at 3kitty.org Sun Jan 19 09:44:51 2014 From: jack at 3kitty.org (Jack Haverty) Date: Sun, 19 Jan 2014 09:44:51 -0800 Subject: [ih] Your refrigerator probably hasn't joined a botnet In-Reply-To: <52DC0080.1010109@mykolab.com> References: <52DBFEFA.9050103@mykolab.com> <52DC0080.1010109@mykolab.com> Message-ID: How do I *know* that my appliance is not a part of a botnet today? My home LAN has a bunch of devices on it, and many, maybe all, of them communicate with whatever is at a lot of other IP addresses. Some of these I recognize, like NTP servers. Others are mysterious, but probably part of some mechanism for software updates, or advertising, or spying, or ??? I can't recall a single product manual that specifies what the product will do with the Internet. So how can I tell it's doing what the manufacturer intended? Or communicating with its master in a botnet, perhaps just keeping in touch stealthily at odd hours and even waiting for lots of other traffic to hide itself in. I agree that my appliances are probably not part of a botnet today - but only because I'm optimistic and it's probably too early in the technology timeline. I don't know that it's true. Technology like Raspberry Pi and CuBox now puts serious computer power in a cheap 2x2x2-inch cube, all network-capable and even with WiFi, and easily programmable by anyone. Fertile ground for botnets.... /Jack Haverty On Sun, Jan 19, 2014 at 8:42 AM, Paul Ferguson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > No sense in writing this twice. :-) > > Here is something that I sent to libtech just a few minutes ago... > although not "historical", it is important, I think, to properly frame > the situation as it stands today -- we're moving into new territory > every day. Some it if is... predictably dangerous if proper safeguards > are not incorporated up-front instead of "bolted on" after deployment > (which usually always fails). > > - - ferg > > > > - -------- Original Message -------- > Subject: [liberationtech] Your refrigerator probably hasn't joined a > botnet > Date: Sun, 19 Jan 2014 08:36:10 -0800 > From: Paul Ferguson > Reply-To: fergdawgster at mykolab.com, liberationtech > > Organization: Clowns R. Mofos > To: liberationtech > > > This nonsense about refrigerators being part of a botnet is not an > accurate depiction of the world we live in today, but more of a > warning of where things can go wrong in the future, while > technologists are rushing headlong into the Internet of Things (IoT). > > While there are certainly some interesting real-world examples of > unintended consequences of consumer devices being infected by Trojan > Horse programs and other malware (e.g. digital cameras and picture > frames coming directly into the retail market "pre-infected" from the > manufacturer, hospital healthcare devices becoming infected by > computer worms through incidental contact, etc.), most cases today are > incidental. > > Via BoingBoing: > > "A mediagenic press-release from Proofpoint, a security firm, > announced that its researchers had discovered a 100,000-device-strong > botnet made up of hacked 'Internet of Things' appliances, such as > refrigerators. The story's very interesting, but also wildly > implausible as Ars Technica's Dan Goodin explains." > > "The report is light on technical details, and the details that the > company supplied to Goodin later just don't add up. Nevertheless, the > idea of embedded systems being recruited to botnets isn't inherently > implausible, and some of the attacks that Ang Cui has demonstrated > scare the heck out of me." > > http://boingboing.net/2014/01/18/your-refrigerator-probably-has.html > > Don't get sucked in by the IoT marketing hype, but -- and it is a > *big* but -- there definitely is a potential for this headlong rush > into the Internet of Things can develop into the unfortunate situation > where no one spent enough time thinking about the security posture of > such actions. If no one spends time up front thinking about these > implications, we can have a real mess on our collective hands. > > - - ferg > > > - -- > Liberationtech is public & archives are searchable on Google. Violations > of list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. > Unsubscribe, change to digest, or change password by emailing moderator > at companys at stanford.edu. > > > > > - -- > Paul Ferguson > PGP Public Key ID: 0x54DC85B2 > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (MingW32) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iF4EAREIAAYFAlLcAIAACgkQKJasdVTchbIMVwD9EaHANJUpKLRI4ZmIOUHbKP18 > bgZaDBCkeXpHi6nZNEQBAIWxnLzkHI/rqIc3gz6ntcrErfGLHaC1ypn7M3bFdscz > =wh9j > -----END PGP SIGNATURE----- > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mfidelman at meetinghouse.net Sun Jan 19 10:23:08 2014 From: mfidelman at meetinghouse.net (Miles Fidelman) Date: Sun, 19 Jan 2014 13:23:08 -0500 Subject: [ih] Your refrigerator probably hasn't joined a botnet In-Reply-To: References: <52DBFEFA.9050103@mykolab.com> <52DC0080.1010109@mykolab.com> Message-ID: <52DC180C.5070502@meetinghouse.net> Jack Haverty wrote: > How do I *know* that my appliance is not a part of a botnet today? > My home LAN has a bunch of devices on it, and many, maybe all, of them > communicate with whatever is at a lot of other IP addresses. Some of > these I recognize, like NTP servers. Others are mysterious, but > probably part of some mechanism for software updates, or advertising, > or spying, or ??? I can't recall a single product manual that > specifies what the product will do with the Internet. So how can I > tell it's doing what the manufacturer intended? Or communicating with > its master in a botnet, perhaps just keeping in touch stealthily at > odd hours and even waiting for lots of other traffic to hide itself in. > > I agree that my appliances are probably not part of a botnet today - > but only because I'm optimistic and it's probably too early in the > technology timeline. I don't know that it's true. > > Technology like Raspberry Pi and CuBox now puts serious computer power > in a cheap 2x2x2-inch cube, all network-capable and even with WiFi, > and easily programmable by anyone. Fertile ground for botnets.... > Kind of suggests a nice business opportunity for a residential internet security appliance. Hmmm..... Miles Fidelman -- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra From fergdawgster at mykolab.com Sun Jan 19 10:52:19 2014 From: fergdawgster at mykolab.com (Paul Ferguson) Date: Sun, 19 Jan 2014 10:52:19 -0800 Subject: [ih] Your refrigerator probably hasn't joined a botnet In-Reply-To: References: <52DBFEFA.9050103@mykolab.com> <52DC0080.1010109@mykolab.com> Message-ID: <52DC1EE3.9020605@mykolab.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > How do I *know* that my appliance is not a part of a botnet today? As a residential consumer, that is a hard problem, but I believe technologies like DNS RPZ [1] et al. will arise to assist in this area. And residential broadband providers like Comcast [2] are already starting to act responsibly to notify consumers (customers) of infections. Again, as this idea known as IoT, connecting myriad residential (and other mobile devices such as cars) devices to the Internet, we'll all be learning. :-) - - ferg [1] https://dnsrpz.info/ [2] "Comcast takes free anti-botnet service nationwide" http://news.cnet.com/8301-27080_3-20018168-245.html On 1/19/2014 9:44 AM, Jack Haverty wrote: > How do I *know* that my appliance is not a part of a botnet today? > My home LAN has a bunch of devices on it, and many, maybe all, of > them communicate with whatever is at a lot of other IP addresses. > Some of these I recognize, like NTP servers. Others are > mysterious, but probably part of some mechanism for software > updates, or advertising, or spying, or ??? I can't recall a > single product manual that specifies what the product will do with > the Internet. So how can I tell it's doing what the manufacturer > intended? Or communicating with its master in a botnet, perhaps > just keeping in touch stealthily at odd hours and even waiting for > lots of other traffic to hide itself in. > > I agree that my appliances are probably not part of a botnet today > - but only because I'm optimistic and it's probably too early in > the technology timeline. I don't know that it's true. > > Technology like Raspberry Pi and CuBox now puts serious computer > power in a cheap 2x2x2-inch cube, all network-capable and even with > WiFi, and easily programmable by anyone. Fertile ground for > botnets.... > > /Jack Haverty > > > > On Sun, Jan 19, 2014 at 8:42 AM, Paul Ferguson > > > wrote: > > No sense in writing this twice. :-) > > Here is something that I sent to libtech just a few minutes ago... > although not "historical", it is important, I think, to properly > frame the situation as it stands today -- we're moving into new > territory every day. Some it if is... predictably dangerous if > proper safeguards are not incorporated up-front instead of "bolted > on" after deployment (which usually always fails). > > - ferg > > > > -------- Original Message -------- Subject: [liberationtech] Your > refrigerator probably hasn't joined a botnet Date: Sun, 19 Jan 2014 > 08:36:10 -0800 From: Paul Ferguson > Reply-To: > fergdawgster at mykolab.com , > liberationtech > Organization: Clowns R. > Mofos To: liberationtech > > > > This nonsense about refrigerators being part of a botnet is not an > accurate depiction of the world we live in today, but more of a > warning of where things can go wrong in the future, while > technologists are rushing headlong into the Internet of Things > (IoT). > > While there are certainly some interesting real-world examples of > unintended consequences of consumer devices being infected by > Trojan Horse programs and other malware (e.g. digital cameras and > picture frames coming directly into the retail market > "pre-infected" from the manufacturer, hospital healthcare devices > becoming infected by computer worms through incidental contact, > etc.), most cases today are incidental. > > Via BoingBoing: > > "A mediagenic press-release from Proofpoint, a security firm, > announced that its researchers had discovered a > 100,000-device-strong botnet made up of hacked 'Internet of Things' > appliances, such as refrigerators. The story's very interesting, > but also wildly implausible as Ars Technica's Dan Goodin > explains." > > "The report is light on technical details, and the details that > the company supplied to Goodin later just don't add up. > Nevertheless, the idea of embedded systems being recruited to > botnets isn't inherently implausible, and some of the attacks that > Ang Cui has demonstrated scare the heck out of me." > > http://boingboing.net/2014/01/18/your-refrigerator-probably-has.html > > Don't get sucked in by the IoT marketing hype, but -- and it is a > *big* but -- there definitely is a potential for this headlong > rush into the Internet of Things can develop into the unfortunate > situation where no one spent enough time thinking about the > security posture of such actions. If no one spends time up front > thinking about these implications, we can have a real mess on our > collective hands. > > - ferg > > > > - -- Paul Ferguson PGP Public Key ID: 0x54DC85B2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlLcHuMACgkQKJasdVTchbIeOAEAppQyXrqBkGBigzhMeM8xTYdf oUOwP1J+/lBNqZhGvVEBAIa+zXdnkcxM7nkEOeuLoUPRoRwP9DRGPMW20clYkD45 =Mlia -----END PGP SIGNATURE----- From johnl at iecc.com Sun Jan 19 10:52:38 2014 From: johnl at iecc.com (John Levine) Date: 19 Jan 2014 18:52:38 -0000 Subject: [ih] Internet milestone - The Refrigerator Strikes Back (Jack Haverty) In-Reply-To: <52DB4CCC.2070009@redbarn.org> Message-ID: <20140119185238.40374.qmail@joyce.lan> >> You don't. The question is what moron allowed kitchen appliances to >> be remotely reprogrammed? > >i think that after the last ten years, it ought to be the case that any >vendor who allows to be deployed an internet-connected device that is >not field upgradeable (for security patches) and is not automatically >lifetime-supported (for security patches) should be tried for crimes >against humanity. CPE vendors, i'm looking at *you*. > >that said, i'd prefer that only the vendor be able to patch this stuff. I would certainly be willing to make an exception for cryptographically signed vendor security updates. The vendors would hate this, but I'd also like some sort of communications kill switch for things like refrigerators. My fridge has gotten along just fine for the past 15 years without telling me how many eggs I have, and I expect that yours (for some version of you) can continue peforming its core functions just fine without exchanging IP packets with anyone. R's, John From AMaitland at Commerco.Com Sun Jan 19 11:22:27 2014 From: AMaitland at Commerco.Com (Alan Maitland) Date: Sun, 19 Jan 2014 12:22:27 -0700 Subject: [ih] Your refrigerator probably hasn't joined a botnet In-Reply-To: <52DC180C.5070502@meetinghouse.net> References: <52DBFEFA.9050103@mykolab.com> <52DC0080.1010109@mykolab.com> <52DC180C.5070502@meetinghouse.net> Message-ID: <52DC25F3.2050005@Commerco.Com> On 1/19/2014 11:23 AM, Miles Fidelman wrote: > Jack Haverty wrote: >> How do I *know* that my appliance is not a part of a botnet today? My >> home LAN has a bunch of devices on it, and many, maybe all, of them >> communicate with whatever is at a lot of other IP addresses. Some of >> these I recognize, like NTP servers. Others are mysterious, but >> probably part of some mechanism for software updates, or advertising, >> or spying, or ??? I can't recall a single product manual that >> specifies what the product will do with the Internet. So how can I >> tell it's doing what the manufacturer intended? Or communicating with >> its master in a botnet, perhaps just keeping in touch stealthily at >> odd hours and even waiting for lots of other traffic to hide itself in. >> >> I agree that my appliances are probably not part of a botnet today - >> but only because I'm optimistic and it's probably too early in the >> technology timeline. I don't know that it's true. >> >> Technology like Raspberry Pi and CuBox now puts serious computer power >> in a cheap 2x2x2-inch cube, all network-capable and even with WiFi, >> and easily programmable by anyone. Fertile ground for botnets.... >> > > Kind of suggests a nice business opportunity for a residential internet > security appliance. Hmmm..... > > Miles Fidelman > Or a possible new opportunity for John Levine to author another book... Wireshark for Dummies. ;-) Alan From bernie at fantasyfarm.com Sun Jan 19 12:36:16 2014 From: bernie at fantasyfarm.com (Bernie Cosell) Date: Sun, 19 Jan 2014 15:36:16 -0500 Subject: [ih] Your refrigerator probably hasn't joined a botnet In-Reply-To: <52DC180C.5070502@meetinghouse.net> References: <52DBFEFA.9050103@mykolab.com>, , <52DC180C.5070502@meetinghouse.net> Message-ID: <52DC3740.21157.3EE7A90@bernie.fantasyfarm.com> On 19 Jan 2014 at 13:23, Miles Fidelman wrote: > Kind of suggests a nice business opportunity for a residential internet > security appliance. Hmmm..... And disguise it as a toaster so the other appliances won't suspect. /b\ -- Bernie Cosell Fantasy Farm Fibers mailto:bernie at fantasyfarm.com Pearisburg, VA --> Too many people, too few sheep <-- From jnc at mercury.lcs.mit.edu Tue Jan 21 10:36:50 2014 From: jnc at mercury.lcs.mit.edu (Noel Chiappa) Date: Tue, 21 Jan 2014 13:36:50 -0500 (EST) Subject: [ih] MIT AI Lab elevator hack (was "Internet milestone") Message-ID: <20140121183650.7339118C1BF@mercury.lcs.mit.edu> > From: Larry Sheldon >> Just like the elevator call hack at MIT... Oh, better not talk about >> that! :-) > Sounds like something really ought to be documented for the ages..... Now that I think about it, it's probably safe to do so: AI-LCS/CSAIL is no longer in that (rented) building, and I think the building has been sold to a new company too, etc. (Needless to say, hacking an elevator controller was decidely non-kosher.) Some bright spark(s) at the AI Lab led a couple of wires into the elevator controller at 545 Tech Sq (I seem to recall hearing they'd glued them to be back of some beam where it was almost impossible to see them) to allow the virtual call buttons for the 8th and 9th floors to be pressed. They were run to the PDP-11 on the MIT-AI KA-10 that ran the Knight TV terminals (which were, if memory serves, the first bit-mapped displays ever). Code there (and of course there was some special hardware to interface to the elevator controller) was such that typing 'Escape E' on a Knight TV keyboard called the elevator to the appropriate floor (there was a table which told the TV-11 which floors each terminal was on). The TV-11 source (which I have squirreled away, it anyone wants to see it - it's in MACRO-11, but no longer seems to be abailable online anywhere) says "ELEVATOR CODE 2/13/79". There was also code (and hardware) to unlock the 9th floor machine room door from the keyboards ('Escape D'), to let people in without the need to go over to the door (not sure if that was older, or added at the same time as the elevator hack). Noel From bauer at mit.edu Tue Jan 21 11:35:24 2014 From: bauer at mit.edu (Steve Bauer) Date: Tue, 21 Jan 2014 14:35:24 -0500 Subject: [ih] MIT AI Lab elevator hack (was "Internet milestone") In-Reply-To: <20140121183650.7339118C1BF@mercury.lcs.mit.edu> References: <20140121183650.7339118C1BF@mercury.lcs.mit.edu> Message-ID: On Tue, Jan 21, 2014 at 1:36 PM, Noel Chiappa wrote: > Now that I think about it, it's probably safe to do so: AI-LCS/CSAIL is no > longer in that (rented) building, and I think the building has been sold to a > new company too, etc. Here is a good history of tech square, the owners, and some of its occupants: http://web.mit.edu/newsoffice/2004/techsquare-0317.html