Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - HomeKit Would Have Prevented DDOS IoT Botnet

macs4all writes: According to an Article in, the security measures built-into Apple's HomeKit home-automation protocol would most likely have prevented the widescale takeover of IoT devices that enabled the DDOS attack on Dyn.

"To prevent another Mirai attack, or a similar assault harnessing IoT hardware, offending devices might require a recall, Krebs says. Short of a that, unplugging an affected product is an [likely the only --ed.] effective stopgap.

By contrast, as detailed in this Security Brief, Apple's HomeKit features built-in end-to-end encryption, protected wireless chip standards, remote access obfuscation and other security measures designed to thwart hacks. Needless to say, it would be relatively difficult to turn a HomeKit MFi device into a DDoS zombie.

Apple uses the Secure Remote Password (3,072-bit) protocol to establish a connection between an iOS device and a HomeKit accessory via Wi-Fi or Bluetooth. Upon first use, keys are exchanged through a procedure that involves entering an 8-digit code provided by the manufacturer into a host iPhone or iPad. Finally, exchanged data is encrypted while the system verifies the accessory's MFi certification.

When an iPhone communicates with a HomeKit accessory, the two devices authenticate each other using the exchanged keys, Station-to-Station protocol and per-session encryption. Further, Apple painstakingly designed a remote control feature called iCloud Remote that allows users to access their accessories when not at home.

Apple's coprocessor is key to HomeKit's high level of security, though the implementation is thought to have delayed the launch of third-party products by months. The security benefits were arguably worth the wait.

At its core, HomeKit is a well-planned and well-executed IoT communications backbone. The accessories only work with properly provisioned devices, are difficult to infiltrate, seamlessly integrate with iPhone and, with iOS 10 and the fourth-generation Apple TV (which acts as a hub), feature rich notifications and controls accessible via Apple's dedicated Home app. And they can't indiscriminately broadcast junk data to the web.

The benefits of HomeKit come at cost to manufacturers, mainly in incorporating Apple's coprocessor, but the price is undoubtedly less dear than recalling an unfixable finished product."

Comment Re:Is it all the tablet's fault? (Score 2) 215

The software should be smart enough to recover without rebooting.

And you have just hit on the difference that makes all the difference.

If Windows in a mobile application is finicky about re-establishing broken network connections, then that would be the kiss of death in a crowded WiFi environment.

Can anyone with Surface Pro 4 and W10 experience, who is not a shill, speak to how robust the WiFi/network hardware and software stack is under iffy WiFi conditions?

Comment Re:Aside from wi-fi (Score 1) 215

They run exactly one application. They are locked down to run nothing else. They boot into the application. What is it that this application does? It shows overhead pictures of plays so that players and coaches can review the on-field strategy.

Prior to the NFL's decision to use tablets, the pictures were printed in the team booth and delivered to the sidelines by runners. Why replace something that works with something new? Product placement $$.

In short it was a technical decision made by the marketing dept. ("Hey, Microsoft will pay us for product placement... Somebody crap out an app over the weekend!")

Ok, so that explains the first couple of games; but I do think that they have had enough time to figure this out and fix it; and it's far-past getting embarrassing enough that even Joe-Six-Pack understands there is something wrong.

So, perhaps there is a systemic problem afterall. And with the comments in this thread about the incredibly high failure rates for the Surfaces themselves, I'd bet that it isn't just something like crowded WiFi. If that were the case, the NFL would have LONG ago forced people to turn off their phones, or put them in Airplane Mode.

Comment Re:Hardware or Software? (Score 1) 215

What I find is that if common USB devices (keyboard, mouse) are not being detected and installed properly by any of the USB ports then that Windows computer typically does not have the right versions of the chipset drivers and/or the USB drivers installed. It's interesting that people here are willing to put a tonne of effort to get Linux to work but aren't willing to go through basic troubleshooting steps, such as downloading the latest drivers, to get Windows to work.

If your OS needs a Driver to provide basic functionality with a USB HID device, the problem is with the OS, sorry!

I can plug ANY random USB keyboard or Mouse into a Mac, and the MOST you will see is a "Identify this Keyboard" "Assistant" pop up the first time. And NEVER even that with a Mouse. It Just Works.

Now if you want some "Advanced"/"Non-standard" Features, THEN you will likely have to install some software; but just to get basic functionality going. NEVER.

Comment Re:Hardware or Software? (Score 4, Interesting) 215

It doesn't work. A balloon states it is searching for a driver for the mouse. What for? Does Windows have different drivers for the same mouse if we plug it on different USBs? Why the f*? I do it at home in Linux all the time, I can connect the mouse to any of the USB ports. It works instantly. Why not in Windows (which idiots say it's easier)?

I can't speak to the Surface; but my work laptop, a Samsung RV511 running Win 7 Pro, has 3 USB ports. Two on the left side, and 1 on the right. I can plug something into either of the Left ports with no complaint; but if I plug that same device into the Right-hand Port, it acts like it has never seen it before. And vice-versa with something that was originally plugged into the Right-hand Port being moved over to the Left. It's a Brand New Day.

All I can think of is that those two sets of Ports are probably on two different USB Controllers (remember, this is a LAPTOP. It isn't like we're talking on-board-ports vs. ports-on-a-PCI-card), and Windows is too retarded to poke around in its own Current Configuration to see if the damned DRIVER is actually ALREADY INSTALLED. Even if it had to make a redundant copy of the Driver, at least it could do it SILENTLY, rather than acting like a horse that was approached from the wrong side (horses have no Corpus Callosum; so each hemisphere has its own visual-record and memory); IOW, it freaks out...

Say what you will about Macs and OS X, at least they don't do retarded shit like that! Glad to see Linux is also smart enough to recognize things that have been plugged in elsewhere before ON THE SAME COMPUTER.

Comment Re:You just explained why Macs cost less (Score 1) 495

Name a modern schematic capture/PCB layout package that runs on OSX. OrCAD, PADS/PCB, or Altium (used by Apple) all run on Windows only. There are a few, tiny hobbyist programs, but nothing mainstream that paying customers would want.

Name a 3D parametric CAD package that runs on OSX. Solidworks, NX, Creo (used by Apple) all run on Windows only. There are a few, tiny hobbyist programs, but nothing mainstream that paying customers would want.

Oh, and OSX is about 6% of the total market. That's a strong 2nd place to the ~92% Windows market share! But at least it's ahead of Linux so you go that going for you...

Nice strawman you got there! The original premise was that Mac USERS used Macs because the USERS were non-technically-adept. When I provided some anecdotal evidence in the form of several long-time Mac-using friends of mine (plus myself) who most certainly belied that stereotype, you pivot the argument to whether the MAC (not the USERS) was "incompetent" (had no available software) to use with "electrical design" work. Nice try!

But to answer your "challenge" anyway, I will say this, regarding my own experience trying to do embedded hardware and software development on Apple equipment since 1980:

Of course it has always been a challenge to find tools for electronic hardware and software design on ALL non-Windows platforms. But unless you are doing really high-end stuff, it has always been possible. And now, even some of the high-end packages are starting to come around.

One of the brightest areas comes in the form of software toolchains for embedded development. Many major microcontroller OEMs, such as Microchip, ST, Atmel, and others have released full, and fully-supported, development toolchains (one of the first being Microchip, who achieved a major headstart by purchasing the makers of Hi-Tech C compilers, which already had Mac versions of their compilers). And the list grows every year. And some people even use an Eclipse-based toolchains and even XCode to do embedded development. So actually, the software dev. side is getting pretty good at this point.

The hardware design side isn't as rosy; but it too, is gradually getting better each year.

As far as schem. Capture, simulation, and PCB design, one of the most competent packages (with the world's worst website!) is a package I personally used back in 1984 on the original 128k "toaster Mac": VAMP Inc.'s McCAD. It offers full-blown and integrated capture, simulation, PCB layout and Auto-routing modules, all of which are quite "competent", and in no-way "hobbyist" level. The pricing alone will dispel any of those allusions! As I said, don't let the amateurish website fool you: This is the real deal. I have used both OrCAD (extensively) and Altium (yes, both on Windows), and I can tell you that McCAD is easily their equal. By the way, OrCAD (and Cadence itself) is one of the nastiest, buggiest, most uneven pieces of shit I have ever used, and ultimately drove my employer at the time to switch to Altium (which I feel is only superior when compared with the POS that is OrCAD). I have only played with PCAD/PADS in demo versions, so I can't speak to them.

The other solution is Eagle, which has offered an OS X-native (Cocoa) (rather than just an X11 port) version of its integrated design package for over a decade. Although it most definitely has its roots in the hobbyist world (and still offers limited hobbyist and educational editions), it has grown into a pretty nice package (with "pro-level" pricing to match!), with some wonderfully-unique features, such as a flexible scripting language that can be used for all sorts of typical and atypical things, a lot of which would be difficult, if not impossible, on any other design suite. So don't diss Eagle.

As far as CAD/CAM goes, the picture is bright and getting brighter. The biggest news comes in the form of Seimens PLM/NX, which has had a fully-supported Mac version since 2009. So, do try to keep up. And I have seen an "interview" that strongly alludes to the fact that full-blown PTC Creo is coming to the Mac. After all, they already have a few specific iOS Apps. Solidworks remains Windows-only, but with NX (and possibly Creo) being available, who cares if they don't get it. Oh, and let's not forget Vectorworks and AutoCAD. They are both quite competent CAD packages, and most certainly not "hobbyist"-class stuff. I haven't looked in awhile to see if Autodesk Inventor has been ported to OS X, but considering how tightly-integrated it is with certain video drivers, I wouldn't hold my breath. I frankly have always thought that AutoDesk made some of the most overrated products on the planet, and that, for 2D/3D CAD, that VectorWorks easily mops the floor with AutoDesk offerings.

But as I said, none of that is relevant to the original assertion that Mac USERS are ONLY using Macs because THEY (the USERS) just don't know enough to use anything not "dumbed down" (as if).

So, without posting resumes, I hope this is enough to make you apologize for, or at least acknowledge the fact, that your statements might have been JUST a little over-generalized and stereotyped.

Comment Re:You just explained why Macs cost less (Score 1) 495

Ask your "friends" who are doing electrical development work what OS they use. HINT: it won't be OSX...

First off, What's with the scare quotes around "friends"? I have known every single one of those people since around 1978, and we would all count each other among friends. So right off the bat, fuckyouverymuch.

And as far as your second bullshit ASSUMPTION, in some cases, you would be dead wrong. In fact, I have done embedded hardware and software design on Apple computers and OSes since around 1980. Yes, that would be on the Apple][. But then it was the Lisa, the original toaster Mac (including assemblers, plus integrated schematic capture, simulation, and PCB layout. Yes, even back in 1984), the Mac Quadra 900, the iMac, and a MacBook Pro.

To be sure, I have also had to do development using Windows-based toolchains; but there have actually always been competent toolchains and tools for both hardware and (depending on the target hardware) software development for Macs. And in fact, ever since Macs have been getting more popular, it's actually getting MUCH easier nowadays.

You need to get your head out of your ass. This is 2016, and OS X is the second-most popular computing platform on the planet. There are plenty of embedded development tools. IDEs, CAD/CAM/CAE, assemblers, compilers, debuggers. Pretty much you-name-it.

Comment Re: How much of that is entirely Microsoft's fault (Score 0) 495

Selection bias.

The sort of person who is going to demand a Mac will be the sort of person who doesn't need as much support.

Same as people who use alternative web browsers -- if you know enough to care, you are probably the sort of person who doesn't need help.

The data is only relevant if the people getting Mac and the people who get PC are chosen at random.

IBM's HUGE sample size swamps out all that bullshit.

But thanks for playing!

Comment Re:Why? (Score 1) 495

Mac Notebooks are nice, but I recall when enough of them went dead early-mid00s due to a motherboard where the expense was already enough to brick them if they were older than 3 years. Now the integration and heat issues are even tighter.

Sounds like the exact time when everyone was having the same problems, due to the (ridiculous) fast-tracked RoHS initiative, which didn't give the industry sufficient time to adjust their components and production methods to deal with the unholy lead-free solder. If you look around, I would bet you would find other manufacturers that had much the same problems at much the same time.

But my biggest with Mac is the GUI/software. I fucking hate it. Things jumping up and down and flashing at random. Shit doesn't work like I expect it. AND IT JUST DOESN'T GTFO of my way! It's not intuitive and simple things like renaming files/folders are aggravating slow - can't even tab to the next like Windows. I read a review on the bottom line difference between iOS and android and it went something like "Android makes simple things tedious and difficult things easy. iOS makes simple things simpe and difficult things impossible". When talking about messaging and torrenting on a mobile device and the like. Same thing with Mac's OS.

You are truly a dullard.

The ONLY thing that "Jumps up and down" is a Dock Icon. That can be disabled.

As far as other "Notifications", I freely admit that macOS has been getting a bit more "in your face" by default in recent years; but all, or nearly all, of that behavior is controllable, either through the GUI, or at worst, by editing a line in a simple XML preference file. Look it up. Learn something.

Shit doesn't work "as you expect it" in ANY OS that you don't bother to learn. Try out Windows' "Modern UI" for a REAL shocker!

What is so slow about Renaming a File? You're just looking for stuff, now.

And here's a Present for you: Command-TAB to rotate between active windows. Been that way for the past SIXTEEN YEARS. Do try to keep up. And Expose can be used for even more advanced window-selection.

Any more memes you'd like me to disprove/dispell/educate you on?

Moron. Hater Moron at that.

Comment Re:Why? (Score 1) 495

We have both. We came so close to getting rid of our Macs. But now there is a new influx of them. And they all need to run a VM for the software that we use that has no version that runs properly on Mac.

And EVERY time one of our Mac users does a system update (which we are not allowed to prevent) it breaks things. Most recently Sierra seems to have an issue with some of our security software which is pretty much bricking the machine.

Sounds like either you and/or your management is incompetent.

For example, do you really think you are "not allowed to prevent" a "system update", or is that by Management Decree? Because OS X/macOS has fairly fine-grained controls to control more or less exactly what "classes" of "Updates" you want, and whether you want them automatically downloaded only, automatically downloaded and installed, downloaded and installed completely under manual control, or ignored completely. A lot of corporations that are actually competent run a local Update server, which both saves bandwidth, and allows for even greater Review/Control over updates. But with your obvious bad attitude toward the entire platform, I'm sure you've never taken the initiative to look into that yourself, have you?

And the issue with your "Security Software" is that Vendor's problem, not Apple's. If there is one thing across all platforms that more or less typically "breaks things", it is most often with Security changes/updates. So, if you really had any experience, you (or someone at your organization) would have already been on the phone with your Security Software Vendor, asking when they would be patching their software, and also asking why they didn't pay attention to the Developer Pre-Release that would have allowed them to be READY for the change. So, they're incompetent as well.

And if you are running your software in a VM, that implies a "Guest" OS that isn't OS X/macOS. Perhaps some of the problems you are having are actually there. Ever think of that? Again, not Apple's fault.

Comment Re:You just explained why Macs cost less (Score 1) 495

Yeah, Macs are good for people that know little about computers and don't want to spent time learning about computers

Bullshit. Bullshit. BullSHIT.

Mac owners, just like Windows owners, come in all shapes, sizes, colors, and skill-levels. To suggest anything else with a product with unit sales numbering in the hundreds of millions is patently ridiculous, and just makes you sound like (yet another) mindless Hater.

I am an embedded hardware/software developer with about 40 years work experience in same. I now develop Windows Application software. I have an SQL Server Admin cert.

I have a Mac-using friend that is a EE, formerly working on military communications hardware and software, now working a AT&T doing massive database design and modernization. He has both Apple hardware and Hackintoshes he spec'ed and built himself.

I have another Mac-using friend. Worked for years at Indiana University, writing various and sundry minicomputer and mainframe applications for the University itself, mostly on their DECsystem 10 and VAX/1170 systems running VMS, etc. Also worked with me for a time as an embedded (mostly software) developer. Also liked to write a bunch in FORTH. Now works managing a multinational corporation's IT.

And there's another of my Mac-using friends. He is a degreed (EE) RF engineer, working for Ritron corporation doing embedded product design. Now he owns his own personal-trainer business, but still dabbles in hardware and software design occasionally.

Oh wait; here's another: I have a Mac-using friend who is an Ophthalmologist by trade; but has a passion for writing Python code. He has also done some embedded hardware and software dev. work on a hobbyist level. His Python-based Optometry-Office Management software is on the market. By the way, that class of software has to pass a rigorous Governmental (FDA?) Approval Process. And yes, he actually wrote most of it, with one other person.

And that's just some "technical" people I personally know, and can count as friends, that I can think of off the top of my head. And these are all people who use Macs exclusively (except for the Eye guy. He also likes Linux; but his main computer is still a Mac).

Comment Re:3rd party drivers (Score 2) 495

...there is virtually no reason to need non-typical computing hardware.

Therein lies the problem. Many businesses equate "typical" with "cheap" and buy $300-$400 Windows PCs. See the problem now?

IBM doesn't. And didn't. From what I have read, they purchase Lenovo-ONLY.

So, no; I don't see the problem now; unless all the Slashdotters that praise Lenovo hardware are delusional, shills, or liars (which I don't think is the case).

Slashdot Top Deals

When speculation has done its worst, two plus two still equals four. -- S. Johnson