From: Don Y
Newsgroups: sci.electronics.design
Subject: Insidious creep
Date: Mon, 11 Mar 2024 22:13:15 -0700
Organization: A noiseless patient Spider

Wow, it sure looks like EVERYONE wants a chance to sit inside your firewall!

Rescued another UPS, today. It pitches a remote service that they want you to sign up for -- free updates, remote power monitoring, etc.

Of course, to do so, you've got to let it talk to the outside world. And, now you've got a pwnplug that can be controlled from that outside world!

Of course, any previous UPS with a NIC could snoop your internal traffic. But, a SysAdm worth his salt would block said device(s) from outgoing traffic.

OTOH, if the vendor cons^Hvinces you to willingly open that door...

It's sure gonna be fun when some actor decides to really take down our infrastructure -- by pwning those vendors and all of the kit that they control!