This JSON request instructs the alarm clock to send an HTTP request to the coffee machine on every “alarmSound” event. Whilst this may seem a simple and effective way of implementing the Pub/Sub pattern in HTTP, it poses a significant security risk.
Because the alarm clock cannot validate whether the receiver of the subscribed message wants the message, there is effectively a DDoS vulnerability. An attacker with the ability to set subscriptions on the alarm clock can make it send HTTP messages to any device or internet property they want. If this is done across enough devices, a DDoS vulnerability is created.
Toast popping out of a toaster or a car driving across a road traffic sensor could be the trigger of a future large-scale DDoS against a web property.
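The missing check, verifying that the receiver actually wants the subscription before any event is sent to it, is shown below as an added example; it is not code from the original article or from any device vendor. The class names, callback URLs and the in-process `network` dictionary standing in for HTTP are assumptions made so that the example runs offline.

```python
import hmac
import secrets

class Receiver:
    """Stands in for a device reachable at a callback URL (constructed)."""
    def __init__(self, wanted_topics=()):
        self.wanted = set(wanted_topics)  # topics this device itself asked for
        self.delivered = []
    def verify(self, topic, challenge):
        # Echo the challenge only for a subscription this device requested.
        return challenge if topic in self.wanted else None
    def deliver(self, topic, body):
        self.delivered.append((topic, body))

class Publisher:
    """Event source (the alarm clock) that confirms intent before subscribing."""
    def __init__(self, network):
        self.network = network  # callback URL -> Receiver; models the HTTP hop
        self.active = {}        # topic -> set of verified callback URLs
    def subscribe(self, topic, callback):
        receiver = self.network.get(callback)
        if receiver is None:
            return False
        # Unguessable per-request challenge: a third party who merely names
        # the callback cannot answer on the receiver's behalf.
        challenge = secrets.token_urlsafe(32)
        echoed = receiver.verify(topic, challenge)
        if echoed is None or not hmac.compare_digest(echoed, challenge):
            return False        # receiver did not confirm: never activate
        self.active.setdefault(topic, set()).add(callback)
        return True
    def publish(self, topic, body):
        callbacks = self.active.get(topic, ())
        for callback in callbacks:
            self.network[callback].deliver(topic, body)
        return len(callbacks)

def demo():
    coffee = Receiver(wanted_topics=["alarmSound"])  # asked for the event
    bystander = Receiver()                           # never asked for anything
    network = {"http://coffee.example/brew": coffee,
               "http://bystander.example/": bystander}
    clock = Publisher(network)
    accepted = clock.subscribe("alarmSound", "http://coffee.example/brew")
    rejected = clock.subscribe("alarmSound", "http://bystander.example/")
    sent = clock.publish("alarmSound", "{}")
    return accepted, rejected, sent, len(coffee.delivered), len(bystander.delivered)
```

Each subscription attempt still costs the named callback one verification request, so the subscribe endpoint itself needs authentication and rate limiting.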