 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Wed, Nov 2, 2011 at 2:05 PM, Gregory Boyce <gboyce at badbelly.com> wrote: > On Wed, Nov 2, 2011 at 1:10 PM, <markw at mohawksoft.com> wrote: > > At my work, here are a few vending machines. One of these machines has a > > nice little antenna on it. Presumably, it communicates via cellular > > network to the vendor in order to report on usage and supplies. Yes, good > > idea. Cool. > > > > It occurs to me that this machine, most likely, did not have to go > through > > any vetting. Not only that, I bet the grunts that stock these machines > are > > hired more for strong backs and no criminal record. > > > > So, here we have a powered machine with external wireless connectivity on > > the premises with no actual over site. It is there 24x7, powered! > > > > Think of all the cool/evil things you could put in a vending machine with > > a wireless link. Imagine having direct access to a Linux box in almost > any > > company you want. You could run any software you want. You could have > > wi-fi too. Could you break the company's wireless security? Could you > > monitor their wireless communications? Could you eaves drop on > > conversations near by? > > > > Everyone suspects the cleaning crew, and if you are interested in > > security, you do background checks. Almost no one cares about the vending > > machines. > > There's nothing that device can do to your wilreless network that a > person with a directional antennae can't already do. As long as you > don't plug it into your internal network, you're not worse off. > > As for the eavesdropping, you wouldn't need an obvious antennae for > that. There could be a camera or microphone in older vending > machines, televisions, coffee machines, fridges, ceiling tiles or even > a cabinet. These could have less obvious antennas or hey, just have > the recordings picked up occasionally during maintenance. > > There's an infinite number of things that "could" happen. You need to > consider the likelihood and impact of those sorts of attacks. In most > cases the likelihood is minimal. Impact is probably minimal as well > unless its in the board room. > _______________________________________________ > Discuss mailing list > Discuss at blu.org > http://lists.blu.org/mailman/listinfo/discuss > I think his point was more that these "smart" vending machines are becoming more commonplace. Even these days companies put ethernet jacks in the kitchen, so what *if* someone who was malicious put something inside a vending machine and plugged it into your network. Or what if it had camera/microphone, most people talk shop even in the kitchen. Speaking of that, I remember a few years ago a company I was at talking about checking ethernet jacks periodically to make sure no devices were plugged in that shouldn't be. Matthew Shields Owner BeanTown Host - Web Hosting, Domain Names, Dedicated Servers, Colocation, Managed Services www.beantownhost.com www.sysadminvalley.com www.jeeprally.com Like us on Facebook <http://www.facebook.com/beantownhost> Follow us on Twitter <https://twitter.com/#!/beantownhost>
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
