@nadnerB said in New cameras from Netgear-Arlo:

@Dashrender said in New cameras from Netgear-Arlo:

@Jason said in New cameras from Netgear-Arlo:

@Dashrender said in New cameras from Netgear-Arlo:

@Jason said in New cameras from Netgear-Arlo:

@JaredBusch said in New cameras from Netgear-Arlo:

The next IoT device to add to the botnet

Yup. Get a DVR and use a VPN or SSL not something that uses their online service...

I don't have a problem with using someone's online service as long as my device doesn't need to be published through my own router. Sure if the vendor gets hacked, the hackers could use that connection to try to get back into my network, but I'm a soft target compared to the vendor's network.

Not really.. Not when there's millions of those devices to uses in a DDoS. You all become part of the plan.

I get what you're saying, but normals want remote access their DVRs and setting up access through a cloud provider that then has a secure connection to the DVR is way better than normals trying to setup and maintain VPNs, etc.

Or people could be content to miss whatever it is. 😉 I'm sure people will live and civilisation continue if DVR's and other toys aren't accessible outside home LANs 🙂

While it's true that people would learn to cope, but the cat's already out of the bag. Unless ISPs start blocking outbound traffic, you can't stop someone from doing this. Plus there are already probably millions of those things out there, it's not like people are just going to give them up tomorrow if they saw the news and realized they were partly to blame for these types of problems.

I do wish that ISPs were the tiniest bit more altruistic and would take a list from the forensic analysis of large attacks like this and at minimum send emails to their customers who's IP was on the list of those participating in the attacks.
AND while it's much less effective now considering the number of IoT devices available to attack with real IPs, I wish ISPs would drop outgoing packets that have forged return addresses.