Certainly a risk, as no software firewall can be perfect. However, that NAS, if connected on the LAN which is on the Internet, ALREADY has a very similar element of risk:
A hacker just needs to punch through the router from the public side to the LAN side. That's not so different whether the hack comes from China or your driveway.
People need to understand that a home gateway router ALREADY has a public side and a private LAN side. That's how you are connected to the Internet!! Adding wifi on the public side doesn't make it any more public.
"They do not have the bandwidth to support their customers bandwidth demands"
No, for the most part they do. Most customers actually use a trickle of data (especially if averaged through the day), but have 30Mbps connections. Not a big deal to add some outside traffic on a "space available" basis. The system is designed to prioritize homeowner's traffic.
Although both cases deal with third parties and passers-by using a home's WiFi/Internet connection, in the 2007 case it was the homeowner who may or may not have offered public access. In the current topic, it is the ISP that has chosen to offer public access.
Techdirt was in favor of the public access in 2007, because it was a rational assumption that the homeowner may have deliberately shared their Internet/power/bandwidth/wifi, but in the current case, that is almost certainly untrue.
I personally refuse to use Comcast premise equipment so I can retain control of my network. At my in-laws house, I disabled the public network on principle - nobody asked permission, and no tit-for-tat incentive was offered.
I like the concept of a blanket of wifi provided by home routers, like FON. But it needs to be consent-based.
But the city did not get all the revenue for the medallions. Many are re-sold on secondary markets, and investors and speculators made the capital gain.
I say tough. Lots of capital investments drop in value. That's kinda the downside of capitalism and investment. I've bought shares of companies that went to zero. Why did they go to zero? Well, because other better technologies came along and disrupted their markets.
So it is with Medallions. They are dropping in value because something better came along. Only difference is the gov't is involved, so those people who invested are crying to gov't to stop their losses. Tough shit.
What if you owned Blackberry when iPhone came out, or Diamond Rio when the iPod? What if I invested in a travel agency just before the Internet messed up their valuations? What if I bought stock in Garmin or Tom Tom right before Google offered nav for free on Android? Tough crap. Private investors need to tale their losses.
The smartest investors will have sold their medallions a while ago, anticipating the disruption. But somebody loses. Why should they have an unlimited upside, with a guaranteed downside protection from the city?
Let's say YOU (a US citizen) draw a picture of the prophet Muhammad. You post it to the interwebs. Some people in Iran look at your picture. The police in Iran arrest them, then also issue a warrant for your arrest. They also file the paperwork requesting the USA extradite you to Iran.
Now, should you just go, and face your charges, or should you resist extradition?
Let's review some of the circumstances: 1) You never visited the country that accuses you 2) that country has a bad record of over-exaggerated punishments for the crime at hand 3) You are a citizen, and live and work in another country, which is where you committed the alleged crime. 4) It seems like the accusing country has an irrational vendetta against you, and is also trying to shut down your business, seize all your assets, and tar you with a propaganda campaign.
Wow, that all also matches Kim Dotcom's situation! I guess the right choice for both of you would be to resist extradition, and try to face the more reasonable legal system of the country where you are, where you live, and where you committed the alleged crimes.
Re: Re: Re: Re: There's an Element of BS to This "Hack"
"Did you even both to read the Wired article? If what they claim is true, NO prior access is needed at all"
Did you not read what I read? I don't believe their claim.
If that claim WERE true, they would not have demonstrated on their own Jeep. They would have made their point by telling the wired reporter "Just rent ANY 2014 Jeep when you arrive in Chicago."
But they didn't. They supplied the car.
Perhaps they didn't hack a random vehicle because it isn't safe? Nope, that is not consistent with their know actions: The fact that they demonstrated on a public interstate shows that, for them, safety concerns are trumped by a dramatic news story.
When an owner modifies his own car, it's really more of a "mod" than a "hack". This news story headline would be more honest if it read "Guys Mod Their Car To Be Partially Remote Controllable".
I admit, I don't have a whole lot of proof to back up my claim, but then again, they haven't supplied much either. And given their record of sensationalizing this type of thing, I'll bet money that it's an exaggeration.
That Prius was completely opened up, and they were patched in with wires and laptops. It was basically a farce to think that the average person could fall victim. How many real victims have turned up in the two years since? Zero. So these guys lack credibility to me when they try to start a panic. I see clickbait.
That said, there are legit aspects to their findings. The weak separation of entertainment system and CANbus is important. That is what Chrysler will rush to patch. They are legit black hat hackers for finding that.
But the remote aspects are just fear-mongering. The hack wasn't done remotely. It was done in the car, then they went remote to control it. The part that scares people is their cars being remotely hacked from China, Russia, or Nigeria. That is not a revealed possibility.
...Imagine "Dear good sir. I, a Prince of Lagos, have taken control of your car. If you would like it returned to you, please wire $5000 to this bank account. May the good lord bless you, as I'm sure you are a good person." That is scary, but didn't happen...yet.
Also, I agree that car security is very important, and like most security, not adequate. Most big companies (and gov't) seem to rely on "Security through arrogance", which is one step weaker than "Security by anonymity".
These two hackers and the author strike me much as the lead-in to the 6 o'clock news: "What's in your car that might kill you? Stay tuned to find out."
The Jeep appears to belong to the hackers. So they had complete access prior to the Wired reporter arriving.
If they go into their own Jeep, modify the systems through an open port like the OBDII, then remote connect to the car, is that really "hacking into" someone's car?
I mean, my car has a app. If I have full access to the car, I can link the app to the car. Now I can honk the horn, activate the AC, open the sunroof from anywhere in the world. It's considered a feature.
People have been able to "hack" vehicles in this remote way for decades, so long as they had prior access. What about cutting the brake lines, or attaching a bomb that is remotely detonated. I could remotely activate a solenoid that shuts off fuel supply -- all on a 1920-2015 non-connected car?
This hack demo is theater. It would be far more frightening if they didn't have prior full access to the vehicle.
Now, I agree that there should be stronger security, and better firewalls between the entertainment and mechanical side. But this Wired story teaches us nothing...other that fear mongering grabs attention.
"they want us to believe that Snowden was such a genius that he was the only person capable"
Who is they? Nobody claims this.
Snowden was one of many who had access to the data. But he was the only one with the integrity to sacrifice his well-being and freedom so that the people could know what its government was doing. THAT is why only he came forward.
"nobody thought to do it before him"
Many probably did. But when you think about it, you think "Oh, shit, I will lose my job. What else? Hmmm...My boss tells me it's OK, just shut up. I have reported constitutional violations, but senior people told me to just carry on. If I leak it, my own government will come after me, possibly to kill me. I will be a pariah in my own country. Many will paint me as a villain. Everyone will search all my past for any vices and publicize them. I will never be safe, never return to my home."
Is it a surprise it takes a hero to choose the constitutional option?
If he were working for the Russians, Why TF would he have leaked anything at all. He would have just handed it to the Russians, and given them a monopoly on the information. Information is power, right?
Who DID he give the information to? The People. Power to the people? Hmmm. Sounds like a hero to me.
Re: Re: The Cost Is Not Really Out Of Line, But There Is Too Much Focus On High-End Service For A Few People.
I've worked on some research reports on video editing companies, and their data transport demand.
The pro post-production media shops almost all locate around (within hundreds of yards from) the key telecom "peering points" like One Wilshire Blvd. in Los Angeles. They do this because they want to tap in "mainline" that bandwidth. Also, that proximity allows upgrading with minimal trenching.