A Gift for the Hackers - Netherlands

[Skorpinok Rover]

Hello,

This one sounds really intresting, our devices are all connected !

Dont miss this...

Regards

Skorpinok W7PC.

[newbi3]

Wow.. at 6:45 they present the HP manual to someone who I am assuming is high up in HP and said that no where in the manual did it say anything about securing your printer and his responds is "Well I am not in charge of manuals"...

[digip]

Problem is for people like us, we're aware of these issues. For the average consumer, unless when plugging it in, you are prompted to change the password, most people don't even know it exists or needs to be changed, and that issue, will never go away unless the manufacturers take up that fight and enforce it on the consumer. Once they do, one of two things will happen. Either the items will sell poorly, because yes, there "are" idiots who won't read manuals nor want to deal with this when they aren't tech savvy, or the consumer will look for something that is just plug and play that works out of the box with nothing other than plugging it in and it works.

Same goes for home routers, and the fact that even changing the default password, many people still fail to disable WAN management, uPnP, TFTP, and more, and this isn't so much that people are stupid, they just aren't educated, and no one expects them to be. Every home router on the market today, to some extent, allows streaming of files to the rest of the network, with USB ports for HDD's, printers, etc, making all your data, accessible over the cloud, whether you want it or not, its a fact, and its a scary world our there. Sad thing is, I don't see it getting better in the near future, even with documentaries like this.

A few years ago, a documentary on Xerox and other brand copiers was done, and how you can buy them on eBay, resellers, etc, and almost all of them, contain internal HDD's with copies of every document ever copied, scanned, faxed, etc. Find one owned by a former law enforcement agency, government agency, insurance, medical, and so on, and you gain access to a treasure trove of data. From credit cards, to SS#'s to addresses and so on, this is not only not new, its going to get worse in the future...

Edited March 26, 2013 by digip

[telot]

I was thinking along a similar line. I know all this stuff, and I've known it for years and years. If not for the decent production value I would've skipped this video after the first 2 mins. It was when they confronted that kid with his own pin issued by his bank, that I realized I'm not the intended audience, its that guy. The kid is even young and seems to be decently tech-knowledgeable. I mean, people who are REALLY hopeless with security, just won't buy this kind of stuff. They will go with their free printer that comes with the low end computer they buy once every 4-5 years. Its the people in the middle that are the dangers to themselves. They consider themselves tech-savvy, and maybe they kind of are. But their far from security-savvy, which makes for a very dangerous game of Russian roulette, with their information on the line. While the media hypes high-profile hacks on a weekly basis, no one is talking about personal computer security on the public stage. Maybe its about time someone does.

telot

[digip]

My problem is that if this were just a default password issue, then its more a user issue, and with that, I don't really feel sorry for the end user. What I have a problem with, as where the security people were the ones storing passwords on WWW accessible machines and companies, like banks, hospitals, etc, have these devices in their systems and no one at these places is securing them, nor is their IT departments on top of it. Its one thing to be an uninformed end user, quite another for a fortune 500 company to expose their whole network to the www because they have no common sensibility to lock down their devices and network.

Edited March 26, 2013 by digip