So Schneier has a book on how IoT will doom us based on the same reasoning why Windows was going to doom us all ten years ago. Yet, Windows didn't doom us, and neither will IoT.
It's like Paul Ehrlich's book "Population Bomb": all his predictions have spectacularly failed to come to pass, yet this doesn't stop True Believers, because it's Moral Truth.
IoT is secure. You don't believe it because of your religious faith, but mathematically, it's true. There's 10 billion IoT devices in the world but only tiny problems due to this.
It's amazing watching Bloomberg doubling down on its bad hardware hacking story. Instead of addressing the bad reporting pointed out in the original story, it continues with the bad reporting in new stories.
This is technical gibberish, telling techies nothing. Is it one MAC address or two? Or two IP addresses on one MAC address? Networking isn't so complex that you have to avoid sufficient details.
Vagueness and confusion in such simple technical details is an indication the journalist or the source is fudging them.
So this New Yorker story quotes me as the lone dissenter on the Trump-Alpha scandal. At least it gets some details correct, like how the server in question is located in rural Pennsylvania and not Trump Tower. newyorker.com/magazine/2018/…
To clarify my position: the DNS lookups may be evidence of some sort of relationship, some extraneous artifact of some other communications, but are not themselves part of a covert communications channel.
The Trump Organization had no control over the server. The server is just a bulk spam/marketing email sender and had no ability to communicate otherwise. The DNS lookups lead to nowhere.
1/ So in today's sermon, I thought I'd point that you are wrong obsessing about the three-way-handshake in establishing TCP connections. How connections are closed is far more important than how they are opened.
2/ You can see this in the TCP state diagram. There's 4 states for opening a connection, and 7 (almost double) for closing a connection. The reason you like the three-way-handshake is because you understand it, but don't really understand how they are closed.
3/ One thing missing from this diagram is the 'shutdown(fd,SHUT_WR)' system call that closes only one side of the connection. It sends a FIN to the remote side, which ACKs it, but that only closes that direction. Data can flow in the other direction, until a FIN happens there.
In case you were wondering, the "baseband managment controller" is a wholly separate computer inside your computer, either layered on top of your existing Ethernet controller, or even with it's own separate Ethernet port. supermicro.com/products/nfo/I…
It runs it's own operating system, often Linux. Putting your own flash chip, or even updating the correct flash chip with your own image, allows you to subvert the code and install your own malware/virus into the computer, regardless of the "real" operating system installed.
Thus, your BMC "virus" can then contact a C&C server on the Internet and download more interesting things to the server. This more complex code can first check the "real" operating system installed.
2/ Not only is Bloomberg overly relying upon anonymous sources, they aren't even first hand sources, or secondhand, but people vaguely "brief" on the subject. At this point, it's rumor in the intelligence community they are passing along.
3/ What's important about this is that whenever you pass technical details through multiple layers of non-techies, they get garbled. There may be something true about this story that's still unrelated to translated version in the story.