Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security IT

'Zombie Devices' Raise Cybersecurity Alarm as Consumers Ignore Smart Tech Expiry Dates 21

Posted by msmash from the troubling-signs dept.
A survey of 2,130 Americans has revealed widespread vulnerability to cyber attacks through unsupported smart devices, with 43% unaware their devices might lose software support. The security threat was underscored in December 2023 when U.S. authorities disrupted a Chinese state-sponsored botnet targeting home routers and cameras that had stopped receiving security updates. Cloudflare separately reported a record-breaking DDoS attack in late 2023, primarily originating from compromised smart TVs and set-top boxes.

The survey, conduced by Consumer Reports, found that only 39% of consumers learned about lost software support from manufacturers, with most discovering issues when devices stopped working (40%) or through media reports (15%). Most consumers expect their smart devices to retain functionality after losing software support, particularly for large appliances (70%). However, Consumer Reports' research found only 14% of 21 smart appliance brands specify support timeframes, while an FTC study of 184 devices showed just 11% disclose support duration.

'Zombie Devices' Raise Cybersecurity Alarm as Consumers Ignore Smart Tech Expiry Dates More | Reply

'Zombie Devices' Raise Cybersecurity Alarm as Consumers Ignore Smart Tech Expiry Dates

Comments Filter:

  • Easy fix (Score:5, Insightful)

    by Baron_Yam ( 643147 ) on Friday February 07, 2025 @12:28PM (#65149975)

    STOP HAVING EVERY DAMN THING NEED INTERNET ACCESS.

    For fuck's sake, let's have a standard where all your devices use non-routing protocols and have to connect to a local server before a connection to the world can be established.

    Now you have only one central device to keep updated, and 90% of its job is, from the very beginning, to keep those other devices isolated and protected.

  • The core fallacy (Score:4, Interesting)

    by JamesTRexx ( 675890 ) on Friday February 07, 2025 @12:36PM (#65150007) Journal

    There are no such things as "smart" devices.
    Only gullible consumers.

  • Forever (Score:5, Insightful)

    by merde ( 464783 ) on Friday February 07, 2025 @12:39PM (#65150011)

    In days of old, if I bought a fridge or a TV or a dishwasher I expected it to work until it broke down and the cost of repair exceeded the cost of replacement.

    As a consumer, why should me expectation be any different now?

    As a computer guy I understand about software vulnerabilities... which is why my (85 inch, expensive) TV set and fancy receiver are not connected to any network and all streaming is performed by a cheapo Amazon TV stick which can be replaced as necessary. The TV works just fine as a dumb monitor, and can continue to do so until it fails. And if the TV stick/disc player/HTPC get too old to be supported they are easy and cheap to replace.

    Of course, all the manufacturers want us to buy a new TV every few years so will schedule "end of life" to maximise shareholder value, so this problem is not going to go away in a hurry.

  • ...run away
    Avoid so-called "smart" devices that require cloud or server support, ALL of them.
    Only use devices that don't connect to the internet and maintain full function when used locally.

    • Re: (Score:2)

      by merde ( 464783 )

      Avoid so-called "smart" devices that require cloud or server support,

      This is hard to do if the objective is to stream Netflix or Spotify...

      • You buy a $30-60 streaming stick for that which can be just as cheaply replaced. Building something like that into a TV is wasteful planned obscelescence.

  • IoT is a mesd (Score:3)

    by bradley13 ( 1118935 ) on Friday February 07, 2025 @12:44PM (#65150021) Homepage
    Companies dropping support for IoT devices is a mess. People don't expect parts of their house to expire.

    • Re: (Score:2)

      by kqs ( 1038910 )

      This is the main thing. When I replace a light switch, I expect it to last for decades, not months. When I buy a washer or microwave, same thing.

  • If a "smart" appliance doesn't have a life cycle of at least 15 years, then the company that made it is running a scam.

    • The US government considers something a "durable good" if its average life is at least 3 years.

      • Figures. When I was in econ that was 10 years low, 20 years midpoint.

        If your fridge only lasted 35 years you had no right to complain.

        They would probably reduce it to "lasts beyond the manufacturer warranty" if they could.

        Like how a vaccine had to prevent infection and transmission until three years ago.

        This is why textual analysis is a bankrupt interpretation of law.

  • What is the point? My current fridge is 15 years old. It is still a decent fridge. It doesn't need replacing. I would rather have a fridge that lasts, than a fridge that needs to be replaced on a schedule like a smartphone. Same with the washing machine and the coffee machine. Not everything needs to be disposable.
  • Why are you blaming users? The manufacturers have made vulnerable devices, they are at fault.

  • If I put a camera outside my house it is going to stay there forever. If someone wants to take it down they are going to have to bring a ladder and a cop with a court order and a gun. And he's going to have to use the gun. So get out of my life.

  • This is a problem intentionally created by companies. They want scheduled obsolescence so they can make more money. And now they also want everything to have a subscription so they can make even more money AND enforce the obsolescence but not update the devices for more than a couple years. What happened to I buy a TV and hook up my device. They every few years I replace the device and not a whole TV. I do not want to throw away every electronic item in my house every couple of years.
  • For an article on Slashdot it sure low-key villanizes common sense. Why get a new device that barely better then the one you have, and have paid off? Why use a new device that's poorly programmed, poorly made, and has fewer ways to repair? And "smart" appliances are even worse. Why would anyone need a tv screen for a refrigerator door? There might be some uses for bluetooth programming a microwave, but getting a droid to remove the food and serve it to you still hasn't gotten to an affordable market level.

    • This is NOT a defense of putting medical equipment online per se but it IS a defense of allowing medical equipment to communicate with the outside world:

      Decades ago, back in the days of plain-old-telephone-service, I had a relative with a pacemaker. Once a month, she put a device up to her pacemaker. The other end of that device was an acoustic-coupled (!) modem that transmitted telemetry back to her doctor's office.

      A realistic 21st-century version would have it transmitting telemetry to your phone over s

  • To quote TFA:

    Cloudflare documented that the largest source of traffic used in DDoS attacks appears to come from compromised smart TVs and digital set-top boxes.

    Very few articles, TFA included, do a good job of explaining how zombie devices are getting enrolled in botnets. While CR is right to call out a general lack of software support - and more importantly, a lack of notice for when software support is ending - most devices should not be internet accessible by default.

    Even the most basic consumer routers

Slashdot Top Deals

UNIX is hot. It's more than hot. It's steaming. It's quicksilver lightning with a laserbeam kicker. -- Michael Jay Tucker

Close