If you’ve encountered ransomware before, you’re familiar with how incredibly destructive it can be. It literally holds your computer and files hostage unless you cough up a steep ransom, usually paid in Bitcoin.
Now, it looks like ransomware is about to make the leap from computers and smartphones to Internet of Things devices .
Andrew Tierney and Ken Munro – two UK-based researchers for IT security firm Pen Test Partners – demonstrated the world’s first ransomware for a smart thermostat earlier this week at the DefCon security conference in Las Vegas.
The Wi-Fi enabled thermostat that the researchers targeted is basically a Linux computer. It allows the user to upload wallpapers and configuration settings through an SD card; that’s what they use as a vehicle to install a malicious program onto the device. At this point, an attacker would have full control over the thermostat.
It’s worth noting that for a device to be infected, an attacker would need physical access, or the owner would have to be tricked into infecting their own thermostat.
So far, the name and manufacturer of the device affected hasn’t been publicly announced. That’s because the researchers only identified the vulnerability two days before the conference was scheduled to start, and have not been able to contact the manufacturer in order to arrange a fix.
Thankfully, Tierney and Munro both believe that it will be an easy problem to patch.
This episode illustrates the troubling fragility of Internet of Things devices. There are far too many of them that have shipped with vulnerabilities that leave their users at risk, from Wi-Fi enabled kettles that leak network passwords , to “smart fridges” that broadcast the user’s Gmail credentials in plaintext .
As the number of IoT manufacturers and users proliferate, and as the devices become mainstream household appliances, it seems probable we’ll see even more high-profile security issues.
Chromebooks now support Chromecast streaming for videos stored in Google Drive
Chromecast is one of the easiest and cheapest gizmos for streaming content to your television. But what about standalone video files that you have stored on a hard drive or online? Well, that’s just become a little easier for Chromebook owners.
In the latest Chrome OS dev update, the folks at Google have updated its video player app with the now easily recognisable Chromecast icon. With the Google Cast extension installed, you can now open the Files app, play a movie uploaded to Google Drive and quickly whisk it across to your favorite television.
Provided you’re invested in Google’s hardware and online storage service, this could be a viable workaround. If you’re interested, head here to learn how to shift your Chromebook over to the dev version of Chrome OS. As always, because this isn’t a stable channel feature, a few bugs should be expected.
➤ Chromium Code Review (via Google+ )
Top image credit: Justin Sullivan/Getty Images
You can now buy devices directly from Motorola’s new UK portal
Motorola has today announced that, for the first time, customers in the UK can buy handsets and other devices directly from its new site.
The portal at Motorolao.uk is currently stocking the company’s freshly updated Moto G for delivery from £149.99 SIM-free. Alternative colored shells will also available to purchase through the site, but weren’t available at the time of writing.
There are also options to register for more information about the impeding arrival of its new Moto X smartphone and Moto 360 smartwatch – both of which will be offered directly to UK buyers.
It’s an important move for Motorola as it means that it doesn’t just have to rely on UK operators and retailers like Amazon to sell its devices in the country, but can instead control more of its own distribution and give customers a central point of contact and purchase for all its future devices.
➤ Motorolao.uk