Cyber Attacks - any implications for owners of Naim web enabled devices?

The DDoS method you describe require the unsuspecting host devices to be autonomous, have a route to the internet and have a computing platform that is readily recognised, web enablement is neither here or there. In addition there needs to be some way of infecting these devices through some other weakness like malware, or virus on a host like a Mac, PC etc  on the home network. So the current streamers almost certainly pose little or no risk, but the new Uniti series with its custom embedded Linux distribution offers increased risk. It may well be a case of Naim needing to advise of OS vulnerability updates on the new devices. I am not aware of Naim doing this with the old UNitiserve however.

As always keep virus and malware checkers upto date and vulnerabilities / software patched on all platforms that are connected to a network with access to the internet.

Simon

Good advice from Simon.

As always though, the biggest vulnerability in any system is*YOU*;

don't click on links on emails from unknown sources;

don't go to web sites that you are unfamiliar with just to get a cheap music download;

don't install any software unless it comes from  a trusted source, its the source that must be trusted, not the software;

don't give anybody (and I mean *ANYBODY*) usernames or passwords or PIN numbers;

... etc etc.

Treat all internet interactions as you would with an unannounced visitor at your front door, i.e. with extreme caution.

The easiest way into your network is via your own web interactions, once in a PC or Mac then they can cause havoc so don't let them in.

Have a safe Xmas and an enjoyable New Year,

Allan

I've been reading somewhere that the old UnitiServe is having a version of Windows. If so, it is quite a risk. Maybe Phil Harris can enlighten us a bit how this risk is mitigated.

Another point worth considering: if using NAS for streaming disable all its web-based interfaces, essentially turning it to a very local server. Use ISP modems - mine also acts as a firewall.

Ardbeg - Windows is no more vulnerable than Linux and its derivatives.

I only use Windows Defender (... and I know its not the best so don't bother commenting) and my PCs and laptops have never been compromised because I'm careful what I do - I'm tempting fate there, aren't I

It is rare that domestic networks are hacked by external penetration without the owner first inadvertently downloading malware to allow this penetration, so good habits are your best defence.

The Uniti and streamer products can basically be attacked using a number of methods:

1. by malware being downloaded through some user interaction and then this communicating with the scumbags out there.

2. the scumbags hacking in manually through the external network directly.

3. Scumbags hacking into Naim and embedding malware into their firmware and other software so it is distributed in every product/app.

The 2nd is not very likely since it would take a lot of effort on the scumbags part for little reward and they reserve this effort more for commercial companies.

The 3rd should be handled by Naim's security protocols and we can't do anything about it anyway.

IMO the biggest threat is that a trusted music download site is compromised with malware being injected into their downloads - this can even be in the .jpg album art - and then we're all screwed;

unless, like me, you only rip CDs

Be sensible and careful online and you should be fine - there are a lot more serious things to worry about ...

Allan

Its always instructive to run a portscan... <he said, enigmatically>

Mostly because the malware writers are doing that for you (from the other end).

Adam Zielinski posted:

Another point worth considering: if using NAS for streaming disable all its web-based interfaces, essentially turning it to a very local server. Use ISP modems - mine also acts as a firewall.

Adam, as I said web interfaces are neither here or there, any open port can potentially be exploited, not just web ports (like port 80 and 8080)

Simon, this is true of course - any port can be exploited. But ...

I'm being only a simple software engineer, but in my experience the most vulnerable items on either a private nas or the servers which I touch in my daily occupation - are the outdated webservers running 3rd party software / libraries.

Non hardened tomcat installations running using 'LocalSystem' (windows) or 'root' on Unix. In my experience, at least half of the servers have them.

Simon-in-Suffolk posted:

Adam Zielinski posted:

Another point worth considering: if using NAS for streaming disable all its web-based interfaces, essentially turning it to a very local server. Use ISP modems - mine also acts as a firewall.

Adam, as I said web interfaces are neither here or there, any open port can potentially be exploited, not just web ports (like port 80 and 8080)

Of course Simon. My advice is more a out minimising the risks rather than avoiding them altogether.

Any port can be exploited. But if there is nothing being hosted on port 80 other than a blank page then there is no need for port 80 to be open 

Cheers guys, yes outdated libraries are potentially troublesome.

I did have one case of a pretty bad cyber attack on my music system.

Someone broke into it and loaded the entire The Smiths discography onto my server. 

Bart posted:

I did have one case of a pretty bad cyber attack on my music system.

 

 

 

 

 

 

Someone broke into it and loaded the entire The Smiths discography onto my server. 

 

My profound sympathies.

I live in fear of an attack of this sort.. Luckily my virus protection software is working effectively, and as yet, my NAS is Smiths and Morrissey free.

Before becoming overwhelmed by the fear of the apparently inevitable destruction of mankind through the efforts of the cyber-villains wreaking havoc in the Internet-of-Things.........

.......When was the last time any of us checked we could restore the backups of our music libraries?

I might, or might not, be the focus of a cyber threat, but my hard drives will all inevitably fail.

Just a thought.

KR, J

On failing drives: Just out of interest, I started recently my Olivetti M21 from 1986 having 5.25 fdd drives. MSDos 2.11 was still booting. My first PC smells the same, sounds the same, looks the same. Nostalgia.

I have not opened any digital Christmas card which was sent to me over the last weeks. Can't trust.

Bart posted:

I did have one case of a pretty bad cyber attack on my music system.

Someone broke into it and loaded the entire The Smiths discography onto my server.

 Far worse than that - some cybercriminals based in Cupertino broke into my iTunes and left behind a poor-quality U2 album.

Noogle posted:

Bart posted:

I did have one case of a pretty bad cyber attack on my music system.

Someone broke into it and loaded the entire The Smiths discography onto my server.

 Far worse than that - some cybercriminals based in Cupertino broke into my iTunes and left behind a poor-quality U2 album.

I hear that if you delete it, they put 2 more in there.

Dr_J posted:

Before becoming overwhelmed by the fear of the apparently inevitable destruction of mankind through the efforts of the cyber-villains wreaking havoc in the Internet-of-Things.........

.......When was the last time any of us checked we could restore the backups of our music libraries?

I might, or might not, be the focus of a cyber threat, but my hard drives will all inevitably fail.

Just a thought.

KR, J

Oh yes... not just drive failure, but also data corruption/deletion through human error. Recently restored from backup some folders I accidentally deleted when tidying some files up... phew thank goodness for backups. (Both NAS change history and seperate backup storage)