Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

The Internet of Scary Things – #IoScaryT

Maarten Ectors

on 23 February 2016

This article is more than 8 years old.


Your broadband modem is likely vulnerable to critical security bugs that allow hackers to remotely control it and you are at their mercy because your telecom operator is not going to do anything about it. Imagine a connected world with billions of things that are insecure. What should you do?

Last Thursday a critical GNU C bug was discovered that let’s anybody remotely bring down a Linux machine. This bug comes months after Shellchock, Heartbleed, LogJam, etc. All bugs that let you either remotely bring down or even take administrative control of a Linux system. Every Linux system that uses C, SSH, encryption, Bash shell, etc. is affected, i.e. most. Ubuntu users got updates before the news about these bugs was made publicly available. However did you upgrade your broadband modem since last Thursday? Did your telecom operator upgraded it? The chances that your broadband modem, WiFi access point or anything in your house or business that runs Linux, i.e. TV, Radio, home appliances, your alarm system, etc. is still not patched are close to a 100%. Cheap hardware has come at the price of badly maintained Linux. Most embedded Linux systems you find in cheap network equipment and home appliances never get an upgrade during its lifetime. Even if a telecom operator wanted to upgrade the broadband modem, they don’t have a way to rollback if the upgrade would fail. So the risk of doing the right thing comes with an even bigger risk of cutting your service if there is any failure in the upgrade.

Why worry?

Botnets can now take control of broadband modems in a country and completely disconnect it from the Internet, spy on everybody, even create RansomWare [i.e. I have encrypted all the files I found in your home or business network and if you don’t pay me I will destroy the key!].

Modern cars have a 100 million lines of codes and recent hacks like the Jeep in which hackers could take over total control of the car and drive the poor Wired journalist from the road.

Baby monitors could be hacked by Paedophiles.

In a world were 100 billion devices will be connected in the next years, it is scary to know how badly maintained lots of Linux systems are and how widespread Linux is.

What can you do?

Transactional updates has been a key feature from Snappy Ubuntu Core in which you can remotely upgrade a connected smart device and if the upgrade fails it will be automatically rolled back. By default any correctly created Snappy Ubuntu Core device will automatically upgrade when security bugs are available. Canonical, the company behind Ubuntu, has taken the stand that by default security updates should be free and installed daily.

The Internet of Scary Things – IoT can kill

Don’t be part of the club of companies that delivers devices and software to customers and prays they will never have a bug. Don’t be part of the Internet of Scary Things, #IoScaryT. Even a connected light bulb that is remotely switched on/off thousands of times a second can provoke a fire and kill the people living in that home. You can’t risk launching a connected product which does not transactionally upgrade. The risk is too high that you or the world pays a high price.

Original article

Talk to us today

Interested in running Ubuntu in your organisation?

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts

Join Canonical in Paris at Dell Technologies Forum

Canonical is thrilled to be joining forces with Dell Technologies at the upcoming Dell Technologies Forum – Paris, taking place on 19 November. This premier...

Bringing automation to open source 5G software at Ubuntu Summit 2024

In today’s massive private mobile network (PMN) market, one of the most common approaches to PMN software and infrastructure are proprietary private business...

Life at Canonical: Freyja Cooper’s perspective as a new joiner in Communications

Canonical has developed a unique onboarding process that enables new hires to quickly settle and establish themselves in our globally distributed environment....