[governance] TitaDYN

Lee W McKnight lmcknigh at syr.edu
Sun Oct 23 16:10:26 EDT 2016


Hi,


I have been using the DYN attack as a teachable moment for my students, and will speak on the topic of IoT cybesecurity at a confernce at Northwestern University Law School later this week To keep it short, my tweeted reply to a story detailing the attack method - on Dyn's DNS infrastructure - and a retweet - is pasted below.


LeeMcKnight<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2FLeeMcKnight%2Fstatus%2F790017950564614144%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=c2f5f552d1c441373628a85fada461f2d4d2b7ce&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+223>   @LeeMcKnight<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2FLeeMcKnight%2Fstatus%2F790017950564614144%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=c2f5f552d1c441373628a85fada461f2d4d2b7ce&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+223>
Oct 23<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2FLeeMcKnight%2Fstatus%2F790017950564614144%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=78e6f16b8889d3ba85fe461c4b454c024ec01427&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+1489>
Bad IoT is the fault of the cyberattackers; or quick and dirty industry shortcuts compromising....everyone and everything online? twitter.com/bitfield/statu...<https://t.co/redirect?url=https%3A%2F%2Ft.co%2FGa4ouUuN8a%3Fcn%3DcmVwbHk%253D&t=1&cn=cmVwbHk%3D&sig=f06484adc01739e9929a177bdd14572aad8c1704&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+228>

<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2Fbitfield%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=5f1af50ebd002045b8bd18ee00e1288aa9a97884&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+1262>
John Arundel<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2Fbitfield%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=5f1af50ebd002045b8bd18ee00e1288aa9a97884&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+1262>

@bitfield<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2Fbitfield%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=5f1af50ebd002045b8bd18ee00e1288aa9a97884&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+1262>

Oct 23<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2Fbitfield%2Fstatus%2F790154915523989504%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=102a85a037f898b55f4b347ad350e443b6ad07ae&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+1489>
  @LeeMcKnight<https://twitter.com/i/redirect?url=https%3A%2F%2Ftwitter.com%2FLeeMcKnight%3Fcn%3DcmVwbHk%253D%26refsrc%3Demail&t=1&cn=cmVwbHk%3D&sig=57171a3a60037da8ac6a144247572422d61ce2b5&iid=720c9e804cf94b6aa34bd5e3c53216cd&uid=16413565&nid=27+1271> someone has wisely pointed out that this is a tragedy of the commons.


Lee again, summarizing in more or less full sentences what I have been warning about: sloppy/fast and dirty code + cheap. stupid so-called smart  IoT devices = a mega-disaster in the making. Now, combining future 5G + sloppy/fast and dirty code + cheap. stupid so-called smart  IoT devices, absent law, technology and policy  changes = a rolling series of mega-disasters to put the cheesiest Hollywood disaster movie to shame.

But yeah, nothing to worry about here folks, Dyn got its DNS back under control after a day. Keep buying and using - bad  IoT product and code.

Lee


,


________________________________
From: governance-request at lists.igcaucus.org <governance-request at lists.igcaucus.org> on behalf of Jefsey <jefsey at jefsey.com>
Sent: Sunday, October 23, 2016 11:37 AM
To: governance at lists.igcaucus.org
Subject: [governance] TitaDYN


Interested in knowing if anyone noticed the attack on DYN's and
thought about its implications?
jfc


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20161023/6baf9285/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t


More information about the Governance mailing list