A pair of articles in TheRegister.com demonstrates that security vulnerabilities are practically anywhere you bother to look these days. Today, an article, strangely entitled “Hotel hacking could pump smut into every room”, discusses vulnerabilities that the security firm SecureTest found in the way a hotel had implemented Cisco’s Long-Reach Ethernet Technology. This is the technology that some hotels use to provide pay-per-view and high-speed Internet access. SecureTest found that there were no passwords on the television set-top boxes, so they could connect to them with telnet (on TCP port 5001) and change what the television was watching – moving it to a porn channel, for example. The hotel also failed to lock down its network, so the firm was able to break into an internal FTP server and, from there, compromise the database of TV usage.
In another article, “Infrared exploits open the door to hotel hacking”, Adam Laurie, technical director at secure hosting outfit The Bunker, showed that there is precious little security in the typical hotel infra-red communication system. Once again, this can be used to take over a television in a hotel room and access free content. Well, that’s not a big deal. But you can also change the IP address and frame somebody in another room.
Both of these stories illustrate two important points. First, the perimeter is dead — if you have a network, there is a real chance that attackers will be on it, trying to compromise other machines on your network. No sense in trying to hide behind a firewall.
But, second, and perhaps more importantly, these stories show that when computer systems are designed and deployed, they invariably have security holes. Some of the holes are fundamental. Some of them are deployment-specific. And most customers aren’t aware of the holes and, largely, don’t think that they matter–until they get hit.