Cybersecurity

9008 readers

49 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance (thehackernews.com)

submitted 1 year ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

10 comments fedilink hide all child comments

top 10 comments

sorted by: hot top controversial new old

[–] vk6flab@lemmy.radio 16 points 1 year ago (1 children)

Guaranteed to have a backdoor installed?

[–] ILikeTraaaains@lemmy.world 6 points 1 year ago

Same security as a TSA approved lock?

[–] deafboy@lemmy.world 3 points 1 year ago (1 children)

Meanwhile, the vendors are introducing security vulnerabilities marketed as features, even in protocols that would be reasonably secure otherwise...

[–] 0x0@programming.dev 4 points 1 year ago (2 children)

Such as?

[–] deafboy@lemmy.world 2 points 1 year ago (1 children)

Zigbee devices that can be remotely reset back into pairing mode.

[–] dajoho@sh.itjust.works 1 points 1 year ago (1 children)

Oh man I was just about to zigbee everything in my house. Have you got more information about this?

[–] deafboy@lemmy.world 1 points 1 year ago

It's a vendor specific thing, so if that bothers you, just look up the pairing procedure for each device before buying.

As far as I remember, the philips bulbs can be reset by holding on and off buttons on the remote. This functinality has a limited range, but a sophisticated attacker could probably just bring a better antenna.

In practice, the compatibility issues will probably keep you busy enough not to think about the theoretical attacks.

Sorry, I didn't mean to discourage you. Practically all the lights in my house, and some other stuff like blinds and aquarium equipment, are running on zigbee. When you finally tune it just right, it's pretty great.

[–] GrumpyDuckling@sh.itjust.works 2 points 1 year ago (1 children)

Well apple just got in trouble for eavesdropping on it's users, so..

[–] 0x0@programming.dev 2 points 1 year ago

I doubt Siri eavesdropping was a bug.

[–] Telorand@reddthat.com 2 points 1 year ago

"Goddamnit, Cyber Trust Mark! None of these devices are remotely secure enough! I knew we should have sprung for the more expensive Cyber Trust Kelly, but everyone was like, 'nO, tHiS mOdEL iS BaSiCaLly tHe SaMe...SaVe A fEw DoLlArS...'"