It seems that Chromcast devices that are on home networks with Universal Plug and Play enabled are reachable from the Internet. Which makes them pwnable by hackers. An example of this was captured by TechCrunch. Now the hackers aren’t out to steal anything as the message actually has some useful info. Such as you should turn off UPnP to make your network more secure. Oh yeah, according to the hackers, you should subscribe to the YouTube channel of Pewdiepie. Don’t know who he is? Ask your teenagers.
Now this isn’t a Chromecast bug as such. It is really an inherent weakness in Universal Plug and Play which is designed to make devices work easily with each other. But I have been on record as saying that UPnP should just be disabled on routers by default as it is a security nightmare just waiting to happen. So if I were you, I’d dig up your router manual and figure out how to turn off UPnP now. As in right the hell now. And that advice holds true whether you have a Chromecast or not.
Like this:
Like Loading...
Related
This entry was posted on January 3, 2019 at 9:00 am and is filed under Commentary with tags Google. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hackers Are Pwning Chromecasts To Broadcast Security Risks About Chromecast And UPnP
It seems that Chromcast devices that are on home networks with Universal Plug and Play enabled are reachable from the Internet. Which makes them pwnable by hackers. An example of this was captured by TechCrunch. Now the hackers aren’t out to steal anything as the message actually has some useful info. Such as you should turn off UPnP to make your network more secure. Oh yeah, according to the hackers, you should subscribe to the YouTube channel of Pewdiepie. Don’t know who he is? Ask your teenagers.
Now this isn’t a Chromecast bug as such. It is really an inherent weakness in Universal Plug and Play which is designed to make devices work easily with each other. But I have been on record as saying that UPnP should just be disabled on routers by default as it is a security nightmare just waiting to happen. So if I were you, I’d dig up your router manual and figure out how to turn off UPnP now. As in right the hell now. And that advice holds true whether you have a Chromecast or not.
Share this:
Like this:
Related
This entry was posted on January 3, 2019 at 9:00 am and is filed under Commentary with tags Google. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.