Keyser, Samsung, Saint Jude Hoops discussed on .NET Rocks!

.NET Rocks!
|

Automatic TRANSCRIPT

Free strong network background words like I unplugged my Samsung TV from the network. For a reason having conversations, I did not expect it to have, and I'm like, I don't care. You're talking to your talking to exactly nobody from now on. And that's also like, you know, is not edge computing because you have one device that speaking to all of the other smaller less smart devices. I think that that is an easy away to able to disconnect the whole thing if you need to. Right. Yeah. But it is interesting thinking security built in as your fear is of sept- awards. That is that we are headed down this software defined networking path, where part of your manifest for your application will be exactly what devices communicate with what other devices in what ways so that by default, everything's turned off, there's no communication between devices. You literally provide a manifesto, communication you're allowed, which is the opposite of the way networking works these days. Yeah, totally. So you have things like you have MAC address, white Lewis, instead of like just reactively blacklisting things like that. Right. I like existed still. Once you're on that weightless. Do you want? Yeah. What poor who now you go to port level now you go to level but really wanna talk protocols. What are the kinds of messages you sending? What's the shape of them with Keyser your are using? I mean, you can get quite specific if we get all the way down there. That's from an app perspective. I think we'll have a lot more control. It should be part of the manifest when you're coatings like these are the commands. I'm going to issue. You see other commands mew should ask me. Totally without. This would be a really easy way to declare Wli say what the purpose of the devices in that it's not allowed to be outside of that. I think that's a really good point. If that's the correct paraphrase with that, I think developer knows what the intended use of their saw of their systems are. For the most part, you may not know exactly the commands that are being issued. But you know the fact that from a network perspective, we're coming up on that makes far more sense for it to come down from a programming perspective that the same way that you build tests around behavior, you have a manifest of of networking, and so many problems go away. If only allow me to say the following things in the following way and everything else is wrong. So I'm really interested in some of the stories of the, you know, these bad hacks that happened to IOT and found a site called at not for all, and it's a an article, the five, worst IOT hacking vulnerabilities and will put a link in the show notes. But I'm wondering if there are any stories that stick out to you sues. I mean, you're, you're obviously interested in OT insecurity and these attacks are are hard and, but but they happen. So the rain really, really spectacular. Things that come to mind. Honestly, the biggest one for me was the one that I mentioned earlier, which was the Mirai Melwood which caused any device with hod bakes, you know credentials into it such as Adleman and possibly as the username password Siebel to start day dosing things around the world to me, that's definitely still the biggest one in my mind just because of the scale of the damage that was done. Here's here's one on the list, the Hackel cardiac devices from Saint Jude hoops. And so the new story on CNN was the FTA confirmed that Saint Jude medicals implantable cardiac devices have vulnerabilities that could allow a hacker to access the device. Once in they deplete the battery or administer incorrect pacing or shocks the FDA said the devices like pacemakers and defend realtors are used to monitor and control patient's heart functions and prevent heart attacks, not so much if somebody can connect with their iphone. Yeah, you really don't want medical devices to be hacked. That's bad now. I know. And actually this this site like reminds me of the second on that I had, which was people starting to the canvas her calling 'cause and things like that..

Coming up next