Your daily round-up of some of the other stories in the news
When a carwash goes rogue
We’ve written about hacking cars on Naked Security, and we’re all too well aware of the vulnerabilities of devices connected to the Internet of Things. But the news that a connected carwash could potentially be vulnerable to attacks has pretty much floored us.
First, we have to ask: why on earth does a carwash need to be connected? It turns out that some carwashes made by PDQ not only come with huge whirly brushes and water jets, but also with a web server that, according to Bleeping Computer, allows staff to manage the contraption remotely.
And, according to researchers led by Billy Rios, that web server comes with a default password that’s common to all the models identified in their alert, which means that if it’s not changed anyone could take control of the carwash.
The researchers said in their presentation at Black Hat in Las Vegas that they’d actually alerted the manufacturer to the vulnerability two years ago, but that it hadn’t yet been patched.
The research makes for scary reading: they said they could potentially lock cars with customers and operatives inside the carwash and direct water at them.
Next time you’re thinking of getting the car washed, you might want to check out what model your local garage has installed – and maybe pick somewhere else.
Man sentenced for Mirai attack on Deutsche Telekom
A British man was given a suspended sentence at a court in Germany on Friday after he admitted to having been behind the Mirai attack last year that knocked out nearly one in 20 German customers of the ISP Deutsche Telekom.
The 29-year-old man, identified as Daniel K, told the court in Cologne last week that the attack was “the worst mistake of my life”, and, according to Sky News, claimed that he’d been paid £7,700 by a Liberian company to develop a botnet.
The man, who uses the online handle “Spiderman”, is also facing charges in the UK, where authorities have asked for his extradition.
Deutsche Telekom said the attack had caused damages totalling €2m, and added that it’s considering a civil lawsuit against the man, who was arrested at Luton airport in the UK in February.
End of the line for the iPod
It’s the end of an era for those of us whose first experience of digital music on the move was Apple’s iconic iPod: the Cupertino company has said that it’s to finally retire its venerable iPod Nano and iPod Shuffle.
Those two devices are the last in the line of a product that was born back in 2001, launched by Steve Jobs with the tagline: “1,000 songs in your pocket”. The very first iteration was Mac-only and had a mechanical clickwheel and a mono screen, with a similar Windows-friendly version following soon after.
From there the iPod acquired a touchwheel and a colour screen, and then the ability to store and display photographs before shrinking down into the much smaller Shuffle and Nano devices, and also evolving into the iPod Touch, the immediate precursor to the iPhone.
While we mourn an iconic piece of hardware, let’s not forget that it wasn’t the first digital music player to sport a hard drive, and many of us would very much like to see iTunes, which was developed to manage the iPod, follow the device into oblivion.
But the writing was on the wall for the iPod as smartphones acquired not only the ability to play music, but also decent-sized hard drives. Meanwhile, I’m going to dust off my first-gen iPod Touch (running iOS 5) and see if a museum would like to give it a home.
Catch up with all of today’s stories on Naked Security
4 comments on “News in brief: beware the hacked carwash; man sentenced over Mirai attack; farewell to the iPod”
“many of us would very much like to see iTunes, which was developed to manage the iPod, follow the device into oblivion.”
OMG, THIS! I still use my Touch while running, but iTunes hasn’t been in my house for years. If any software claiming to be entertainment got closer to a police state…I’ve never seen it. [Insert visceral synonyms for hatred here.]
I hope the Liberian company that contracted Mr Daniel K is held as responsible as he is, if not more so. Since they conspired the crime.
Can you do a follow up on the company, who they are, what their goal was with the botnet and such?
RE: Rogue Carwash; Uh, gee thanks – I think. How about a list of vendors that use this useless and dangerous control system so we can avoid getting our wipers ripped off, and being locked inside our cars while the soap and high temp water is sprayed in our faces?
Not to mention the robot arms scraping our paint job while we watch helplessly from our so-called “control cabins”?
Or do you suggest that we take the initiative and try to search the Unterweb for the nefarious commercial outfits that use this Command and Control system?
I still use my 1GB 1st gen iPod Shuffle from 2003. It is the only piece of 14 year technology I still use, mainly due to it’s design. It is small, has little in the way of moving parts, can be plugged into a USB port without a cable, weighs next to nothing and is practically indestructible. If only all my tech was this reliable and long lasting!