Security Firm Predicts "Murder By Internet-Connected Devices" 135
Curseyoukhan writes "Infosec vendor IID (Internet Identity) probably hopes that by the time 2014 rolls around no one will remember the prediction it just made. That is the year it says we will see the first murder via internet connected device. The ability to do this has been around for quite some time but the company won't say why it hasn't happened yet. Probably because that would have screwed up their fear marketing. CIO blogger challenges them to a $10K bet over their claim."
Re:So we are to believe (Score:4, Insightful)
Re:So we are to believe (Score:5, Insightful)
And how many drone strikes have been carried out over the past 10 years?
The drones aren't connected to the internet, only military networks. Any peripheral traffic that happens to route anywhere out into the internet is on a secured VPN... and at that, it's only sensitive material, nothing that'll say, start world war three. The same cannot be said for, say, nuclear reactors and related industrial equipment (like centrifuges)... which apparently are. All that out of the way, who really cares what a couple of rich dudes do with their gambling money? But in the larger sense, yes, it will happen eventually as if there's one thing you can bet on long-term is that we'll find more creative ways to kill each other...
All this boils down to is one person betting on "sooner" and the other on "later".
Re:So we are to believe (Score:4, Insightful)
Why would my car need a two-way comm channel on the Internet? I can possibly see reporting but accepting input? Why?
For providing entertainment and map, weather and traffic updates. That shouldn't be able to spill into the controls, but you never know.
Re:So we are to believe (Score:5, Insightful)
One major vector that would be ripe for abuse would be a combination of "self driving car", + "malicious GPS map update".
Eg, the self driving car would have sensors to determine it is on an actual road, of course. But that doesn't stop the car from autodriving off an unfinished bypass rampway, when its map software says the road is finished.
This wouldn't necessarily be able to target a specific vehicle without a pretty sophisticated man in the middle attack, (how you would do that is questionable in and of itself, perhaps if you put the middleman directly ON the car? Malicious android device, or a raspberry pi? But if you do that, why not just put a pipebomb like normal terrorists would?) But would work with a remote DNS injection attack against an entire vehicle product line, with disasterous effects all over. The attacker just needs to know when vehicles contact the map server, poison the DNS for the server, and then serve the malicious maps to updating vehicles when they connect.
You're all doomed! You'll be killed by your PC! (Score:5, Insightful)
I would probably consider this news (that is in no way interesting and informative) if this prediction is made by Symantec, McAfee or Kaspersky. Put some obscure "IID" here and it just smells so slash-PR.