Help – My Thermostat is Calling China!
Phil Neray of Q1 Labs, an IBM (IBM) company posted that in the recent Chinese hack of the U.S. Chamber of Commerce’s network. One attack vector was a thermostat. The thermostat at a Chamber townhouse on Capitol Hill was communicating with an Internet address in China. At the same time, a printer spontaneously started printing pages with Chinese characters (rb- I wrote about securing printers here).
The blog says that the hackers were in the network for more than a year before being detected is not unusual. He cites the 2011 Data Breach Investigations Report, more than 60% of breaches remain undiscovered for months or longer (versus days or weeks).
rb-
This is one of the risks of the Internet of Things. Security is in the era of IoT will have to use machines to monitor the machines.
CIA Chief: We’ll Spy on You Through Your Dishwasher
Spencer Ackerman at Wired points out that more personal and household devices are connecting to the internet. They are no part of the Internet of Things. \U.S.CIA Director General David Petraeus cannot wait to use your appliances to spy on you through them.
General Petraeus recently spoke about the “Internet of Things” at a summit for In-Q-Tel, the CIA’s venture capital firm. “‘Transformational’ is an overused word, but I do believe it properly applies to these technologies particularly to their effect on clandestine tradecraft” the blog recounts.
Mr. Ackerman predicts that people will be sending tagged, geolocated data that a spy agency can intercept in real-time. This will happen when they open their Sears (SHLD) Craftsman garage door with an app on an Apple (AAPL) iPhone. “Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters — all connected to the next-generation internet using abundant, low-cost, and high-power computing.” Petraeus said, “the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing.”
Wired says the CIA has a lot of legal restrictions against spying on American citizens. But collecting ambient geolocation data from devices is a grayer area. This espcially ture especially after the 2008 carve-outs to the Foreign Intelligence Surveillance Act. Hardware manufacturers, it turns out, store a trove of geolocation data; and some legislators have grown alarmed at how easy it is for the government to track you through your Apple iPhone or Sony (SNE) PlayStation.
rb-
The implications of the “Internet of Things” are profound when linked to the transformational nature of the connected home network. The CIA sees great opportunities in wired home devices. Any home gadget with RFID, sensor networks, embedded servers, or energy harvesters is ripe for interception by spy agencies.
Koubachi Wi-Fi Plant Sensor Gives Your Plant a Voice
at CeBIT 2012 in Hannover Koubachi, the Swiss start-up company behind the popular iPhone plant care assistant presented its newest innovation. It is called the Koubachi Wi-Fi Plant Sensor according to ITnewsLink. Building on the success of its popular interactive plant care assistant, the sensor integrates into the Koubachi system to literally gives your plant a voice.
The Wi-Fi Plant Sensor measures soil moisture, light intensity, and temperature. Using Wi-Fi, the data is sent to the Koubachi cloud. There it is analyzed by the Koubachi Plant Care Engine. The plant owner gets detailed care instructions on watering, fertilizing, misting, temperature and light through push notifications or email. “The Koubachi Wi-Fi Plant Sensor is the first device ever that enables real-time monitoring of the plant’s vitality,” says Philipp Bolliger, CEO of Koubachi. “It’s a truly unique product in the field of “Internet of Things” and bringing state-of-the-art technology to plant care.”
Smart Gadgets are Like Sleeper Cells in Your Kitchen
Manufacturers are “future-proofing” their appliances with “Internet of Things” capabilities that are latent for now. Christopher Mims at MIT’s Technology Review asserts that major appliances bought in the last three years probably contain a Zigbee capable wireless radio. The radio can send out information about a device’s status and energy use and receive commands that alter its behavior.
Many appliance makers don’t announce these capabilities. Mr. Mims interviewed Mike Beyerle, an engineer at GE (GE) about GE‘s Nucleus home energy management system. “We want to build up a base before we make a big deal out of it,” says Mr. Beyerle.
The author says that manufacturers aren’t telling consumers what their devices are capable of. They are reluctant to do so in part because the abilities are useless without an energy management hub like GE’s Nucleus or a utility company‘s smart meter. In both cases, smart appliances must be “bound” to a hub to communicate with the outside world.
Once a device is hooked up to an energy management system and becomes part of the IoT, it gets interesting. Mr. Mims says that users who signed up for a “demand response” program with their utility to get a lower bill, enable the utility to control their appliances. For example, a refrigerator’s icemaker’s defrost cycle or the elements in a clothes dryer can be manipulated to drive down power use during times of peak demand.
rb-
Most people do not realize that installing a new smart meter can activate a technological sleeper cell in their HDTV, kitchen, or laundry room. All of these “smart” devices will be part of the “Internet of Things.” They will have an IP address (probably an IPv6 address) and will be broadcast via a Zigbee wireless network. This is why the CIA says it can spy on people through their dishwasher.
Connected Kitchen
Engadget says the Samsung RF3289 fridge is designed to let users access Pandora or tweet while grabbing a snack. Samsung touts it as the first to feature integrated WiFi. The Wi-Fi also offers the ability to view Google calendars, check the weather, download recipes from Epicurious, or leave digital notes
Engadet also reports LG’s Thinq line of connected appliances includes vacuum, oven, refrigerator, and washer/dryer. They support Wi-Fi and ZigBee to communicate with each other, the smart meter, smartphones, and tablets. That’s a pretty strong foundation to build the Internet of Things especially if the home is already equipped with ZigBee devices. CNET says the line can be troubleshot remotely; tech support can log in to the device see what’s wrong and fix it. Kenmore has a similar product line.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
3. The 
4. 
7. Scareware tactics and the use of rogue anti-virus, will stage a comeback. With easy to acquire malicious tool kits, designed to cause massive exploitation and compromise of websites, rogue application crimeware will reemerge Websense says. Except, instead of seeing “You have been infected” pages, they expect three areas will emerge as growing scareware subcategories in 2012: a growth in fake registry clean-up, fake speed improvement software, and fake back-up software mimicking popular personal cloud backup systems. Also, expect that the use of polymorphic code and IP lookup will continue to be built into each of these tactics to bypass blacklisting and hashing detection by security vendors. (Rival IT Security firm 
Cloud computing is a term even non-IT folks would have heard about at least once by now fueled by the concept of Software-as-a-Service (SaaS) and virtualization. The idea is that IT services and processing capabilities could be more efficiently housed in a data center and delivered over the Internet based on demand.
Now that the last 
Microsoft ponied up $7.5 million for the Nortel pool, which works out to $11.25 per IP address. There were 13 other interested buyers, but only Microsoft and three others actually submitted bids according to DownloadSquad. With the last block of IPv4 addresses already issued (which I 
