BitDefender's senior threat analyst Bogdan Botezatu despairs of IoT security
The Internet of Things is exactly as bad a security nightmare as pessimists think it is, according to Bitdefender's Bogdan Botezatu.
The senior threat analyst at the Romanian security software company called by to chat to Vulture South while in Australia (we were, I suspect, meant to discuss the company's 2017 launches, but conversation digressed from the start, and there's plenty of time between now and the end of the year).
The Register has long been following the persistent awfulness of “SOHOpeless” broadband routers, but Botezatu says they've already been overtaken by the awfulness of other things.
“We get a lot of telemetry in our vulnerability assessment labs,” he said. “The router is no longer the worst device on the Internet. It's now the printer.”
That's a pretty big claim to make, given that in in less than a month, we've discussed the no-we-won't-fix-it Inteno router from Sweden and the record-setting Chinese surveillance router.
Botezatu himself has been horrified by routers acting as “smart home gateways”: for example last year, he tested one such device, and was pleased at its default security posture, but there was one problem.
“It allowed unauthenticated downgrades to the firmware,” he said. “So it doesn't matter that it looks secure.”
But the printers still win out: many, he said (without identifying the guilty party), offer public shares that are visible to the Internet (because lots of home users also leave their routers too close to default configuration).
MORE
The Internet of Things is exactly as bad a security nightmare as pessimists think it is, according to Bitdefender's Bogdan Botezatu.
The senior threat analyst at the Romanian security software company called by to chat to Vulture South while in Australia (we were, I suspect, meant to discuss the company's 2017 launches, but conversation digressed from the start, and there's plenty of time between now and the end of the year).
The Register has long been following the persistent awfulness of “SOHOpeless” broadband routers, but Botezatu says they've already been overtaken by the awfulness of other things.
“We get a lot of telemetry in our vulnerability assessment labs,” he said. “The router is no longer the worst device on the Internet. It's now the printer.”
That's a pretty big claim to make, given that in in less than a month, we've discussed the no-we-won't-fix-it Inteno router from Sweden and the record-setting Chinese surveillance router.
Botezatu himself has been horrified by routers acting as “smart home gateways”: for example last year, he tested one such device, and was pleased at its default security posture, but there was one problem.
“It allowed unauthenticated downgrades to the firmware,” he said. “So it doesn't matter that it looks secure.”
But the printers still win out: many, he said (without identifying the guilty party), offer public shares that are visible to the Internet (because lots of home users also leave their routers too close to default configuration).
MORE
