(blog.cloudflare.com)

265 points methuselah_in | 2 comments | 20 Jun 25 18:34 UTC | HN request time: 0.411s | source

Show context

losthobbies ◴[24 Jun 25 13:52 UTC] No.44366283[source]▶

Dodgy IoT devices will be the end of us all.

bearjaws ◴[24 Jun 25 14:22 UTC] No.44366592[source]▶

It's wild to think with the proliferation of 1gbps fiber internet, even a modern pi board or old desktop is a potential 1gbps bot host.

replies(3): >>44366877 #>>44369703 #>>44376673 #

franga2000 ◴[24 Jun 25 19:02 UTC] No.44369703[source]▶

>>44366592 #

When your IP is found to have been part of a botnet, I think ISPs should just limit you to like 20Mbps for at least a year, so you think twice about buying that 10$ wifi baby monitor next time.

replies(6): >>44370378 #>>44370602 #>>44371379 #>>44380821 #>>44384044 #>>44392890 #

yupyupyups ◴[25 Jun 25 19:06 UTC] No.44380821[source]▶

>>44369703 #

Or you go after the producers and retailers of these devices. This way you wont have to harm tech-illiterate people.

replies(1): >>44384086 #

1. motorest ◴[26 Jun 25 04:02 UTC] No.44384086[source]▶

>>44380821 #

> This way you wont have to harm tech-illiterate people.

What leads you to believe this is a tech illiteracy issue? Do you believe that only consumer IoT devices are unwitting participants in DDoS attacks?

replies(1): >>44398773 #

2. yupyupyups ◴[27 Jun 25 17:47 UTC] No.44398773[source]▶

>>44384086 (TP) #

There is no way for an ISP to differentiate between an infected router or IoT device and an infected PC due to the user's own neglegence.

If laws like the Cyber Recillience Act have been put into effect long enough for us to see a significant improvement in device security, then we can softly begin to rule out that cause and focus on the user.

We are not there yet, because (imo) devices are still not properly secured enough for us to go straight to blaming the user.

↑

How Cloudflare blocked a monumental 7.3 Tbps DDoS attack