If you're worried, Motherboard is pointing people to an online scanning tool from BullGuard (a U.K. anti-virus firm) which checks whether devices on your home network are listed in the Shodan search engine for unsecured IoT devices. But earlier this month, Brian Krebs pointed out the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks..."
FreeBSD 11 supports both the ARMv8 and RISC-V architectures, and also supports the 802.11n wireless networking standard. In addition, OpenSSH has been updated to 7.2p2, and OpenSSH DSA key generation has been disabled by default, so "It is important to update OpenSSH keys prior to upgrading."
"Network administrators need to know exactly what is in the environment, or the network -- including when an adversary has switched out one device for another. In other words, is the smart thermostat we see today the same one that was there yesterday? We are looking for a unique identifier or fingerprint to enable administrators to enumerate the IoT devices while passively observing the network... " Their registration form will be open through October, and the challenge will end after four weeks in November, or "whenever someone wins."
A lot of things have been fixed since last week's RC8 milestone, among which we can mention lots of updated drivers, in particular for GPU, networking, and Non-Volatile Dual In-line Memory Module (NVDIMM), a bunch of improvements to the ARM, MIPS, SPARC, and x86 hardware architectures, updates to the networking stack, as well as to a few filesystem, and some minor changes to cgroup and vm.
The kernel now supports the Raspberry Pi 3 SoC as well as the Microsoft Surface 3 touchscreen.
Splunk CTO Snehal Antani suggests earlier "shift left" code testing and continuous delivery, plus a wider use of security analytics. But he also suggests a moving target defense "in which a shapeshifting network can prevent reconnaissance attacks" with software defined networks using virtual IP addresses that would change every 10 seconds. "This disrupts reconnaissance attacks because a specific IP address may be a Windows box one moment, a Linux box another, a mainframe another."
-A default, hardcoded Wi-Fi Protected Setup (WPS) PIN, as well as a weak WPS PIN generation algorithm
- Multiple vulnerabilities in the HTTP daemon
- Hardcoded remote Firmware Over The Air credentials
- Lowered security in Universal Plug and Play, and more.
"At best, the vulnerabilities are due to incompetence; at worst, it is a deliberate act of security sabotage from the vendor," says Kim, and advises users to stop using the device until adequate fixes are provided.
Raspberry Pi founder and CEO Eben Upton has responded to questions submitted by Slashdot readers. Read on for his answers.
"While we can't speak to this particular case," Cisco wrote in a follow-up, "Cisco has conducted extensive research, dating back to 2001, on the effects cosmic radiation can have on our service provider networking hardware, system architectures and software designs. Despite being rare, as electronics operate at faster speeds and the density of silicon chips increases, it becomes more likely that a stray bit of energy could cause problems that affect the performance of a router or switch."
Friday a commenter claiming to be Xander Thuijs, Cisco's principal engineer on the ASR 9000 router, posted below the article, "apologies for the detail provided and the 'concept' of cosmic radiation. This is not the type of explanation I would like to see presented to the respected users of our products. We have made some updates to the DDTS [defect-tracking report] in question with a more substantial data and explanation. The issue is something that we can likely address with an FPD update on the 2x100 or 1x100G Typhoon-based linecard."