Unfortunately, network configuration and computer security aren’t easy. Even a relatively small home setup requires a great deal of care. We really need better methods to set up and maintain secure computer networks. We need better methods to set up new networks. And since the existing networks won’t go away, we need better methods to monitor and fix networks. These methods need to be very easy to use and friendly to non-experts.
The past several years have brought us news reports of computing systems being used aggressively against infrastructure:
We have also seen security problems in home IoT devices. Security problems have allowed spying as well as using these devices as bots in attacks against others. I think it is time that we start to apply some simple civil defense principles to our home computing systems, both our general-purpose computers as well as embedded. I have increased my work to protect my home information and devices for a few months and I plan to continue and step up my efforts.
Backups have always been important to protect information. Given threats from ransomware and other techniques that attempt to compromise devices on a machine or a network, I keep copies of my files offline, making them harder to attack.
The recent reports of router vulnerabilities caused me to review my router configurations.
I continue to check my device passwords: I use non-trivial passwords, a wide range of passwords, and I do my best to be sure that passwords are enabled and non-default.
I am also careful about what devices I put on my network—if I don’t need it, I don’t add it to my network. More devices make for more points of vulnerability.
Extremetech reports here on a Samsung announcement of new LPDDR5 memory for 5G and automotive applications.
The Anchorage Daily News reports here that Alaska’s two Blockbuster Video stores, one in Anchorage and one in Fairbanks, are closing. One Blockbuster store remains in Bend, Oregon.
Fox 2 Detroit reports here on a gas pump hacking that resulted in the theft of large quantities of gasoline. Police confirmed that the technique used by the thieves prevented the attendant from stopping the theft from the console.
The U. S. Departments of Commerce and Homeland Security released here a report on resilience against botnet attacks. Two goals cited in the report are particularly interested to embedded computing practitioners:
• Goal 3: Promote innovation at the edge of the network to prevent, detect, and mitigate
automated, distributed attacks.
• Goal 4: Promote and support coalitions between the security, infrastructure, and operational technology communities domestically and around the world.
Tom’s Hardware reports here that a default password on a U. S. Department of Defense router allowed the theft of sensitive documents.