Submitted by mossadnik t3_y6dzmb in technology
metalmagician t1_issfarl wrote
Reply to comment by ADZIE95 in Oakland Cops Hope to Arm Robots With Lethal Shotguns by mossadnik
You clearly know nothing about cyber security if you agree with the statement "probably fairly easy to make [shotgun bot] secure". I had a cyber security course in my degree, and I had to spend hours in the isolated CS lab trying to crack a purposefully vulnerable WEP network. I know enough about cyber security to know it isn't for me
Affectionate-Cell614 t1_it5ediw wrote
huh, you tell us we know nothing about cyber security and you bolster your own experience by saying you had to spend hours in a cyber security lab purposefully cracking a WEP network? lmao. hasn't wep been cracked for ages now and what does that even prove? You could easily make a robot secure.
metalmagician t1_it5guuf wrote
....and? It was one class in an undergrad degree, I wasn't doing cyber security research. Physics undergrads aren't discovering new particles and premed undergrads aren't curing cancer.
Also, we weren't script kiddies begging for premade exploit files, our assignment was to exploit a known vulnerability using a nop slide in C++. If you think that's easy, then I doubt you've had to write C++ at all
As I mentioned earlier, I know enough about cyber security to know it isn't for me. You don't need to be Steven Fucking Hawking to know you don't want to learn high level math.
Affectionate-Cell614 t1_it5eij5 wrote
I actually just google searched when wep was cracked... 2005 and it also mentioned that cracking a wep network takes minutes. sounds like you got scammed with that degree buddy
Affectionate-Cell614 t1_it5erdp wrote
systems are vulnerable to hacking because they have multiple points of attack. like giant banking companies with thousands of systems across a large geographic area, so there is bound to be one vulnerability somewhere. this is a robot with one controller.
metalmagician t1_it5kjgl wrote
I know very little about modern exploits (take this with a pinch of salt), but I imagine one could exploit the bots like so:
-
software updates will need to be periodically installed to the dog. I really really doubt they wouldn't update the software after release, given how novel the bots are
-
the software updates will be authenticated somehow, to ensure that "only" the software vendor is the author of an update.
-
if an attacker can successfully impersonate the software vendor, they could load malware onto the robot through the existing update process. This would be similar to the attack that came through SolarWinds
Viewing a single comment thread. View all comments