Author Topic: Ubiquiti Breach  (Read 1850 times)

0 Members and 1 Guest are viewing this topic.

Offline madires

  • Super Contributor
  • ***
  • Posts: 6189
  • Country: de
  • A qualified hobbyist ;)
Ubiquiti Breach
« on: March 30, 2021, 08:32:49 pm »
Whistleblower: Ubiquiti Breach “Catastrophic“: https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/

Change your PWs!
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1235
  • Country: br
Re: Ubiquiti Breach
« Reply #1 on: March 31, 2021, 11:49:26 am »
It did not last very long to surface ...

Think fast..
- What should be the worst nightmare for a serious data center buz ?

... A SINGLE NODE OF CATASTROPHIC FAILURE ...

- What exactly a "CLOUD" is ?
... A SINGLE NODE OF CATASTROPHIC FAILURE ...

- you have no clue who controls and access it
- you have no real vision of how the thing is managed
- you have left your control to the hands of unknown others..

last question: Why people trust that cloud thihg ?

Why Ubiquiti and not MIMOSA Mikrotik Cambrium ... others..

Paul  :popcorn:


 

Offline madires

  • Super Contributor
  • ***
  • Posts: 6189
  • Country: de
  • A qualified hobbyist ;)
Re: Ubiquiti Breach
« Reply #2 on: March 31, 2021, 01:31:52 pm »
Someone screwed up the risk assessment. Cloud platforms are an attractive target, hack once and own millions of accounts or devices. However, the cloud isn't bad per se, but you need to know the pros and cons, and act accordingly. And even if you don't use the cloud you can create havoc for all your users, e.g by firmwares with hidden admin accounts. Some vendors are better, some are worse. They all have to face security issues from time to time. Some more often, some more rarely. No one is bulletproof.
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4552
  • Country: au
Re: Ubiquiti Breach
« Reply #3 on: April 03, 2021, 08:00:59 am »
This breach was far from catastrophic, in fact, it had no impact at all to most customers. Unlike most IoT services, Ubiquiti allows you to use their products completely offline and independent of their cloud infrastructure. Even if you want to remotely manage your devices over a VPN, you still have that option.
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 6521
  • Country: 00
Re: Ubiquiti Breach
« Reply #4 on: July 18, 2021, 10:49:50 pm »
People use cloud services because they are lazy and often dont have any critical or valuable information to protect.

Many of them never even realized they could install and manage all those services themselves.

It did not last very long to surface ...

Think fast..
- What should be the worst nightmare for a serious data center buz ?

... A SINGLE NODE OF CATASTROPHIC FAILURE ...

- What exactly a "CLOUD" is ?
... A SINGLE NODE OF CATASTROPHIC FAILURE ...

- you have no clue who controls and access it
- you have no real vision of how the thing is managed
- you have left your control to the hands of unknown others..

last question: Why people trust that cloud thihg ?

Why Ubiquiti and not MIMOSA Mikrotik Cambrium ... others..

Paul  :popcorn:
"What the large print giveth, the small print taketh away."
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9792
  • Country: 00
  • Display aficionado
Re: Ubiquiti Breach
« Reply #5 on: July 18, 2021, 11:12:01 pm »
People use cloud services because they are lazy and often dont have any critical or valuable information to protect.

Many of them never even realized they could install and manage all those services themselves.

Nothing to lose like various parts of various governments?
 

Offline bson

  • Supporter
  • ****
  • Posts: 1984
  • Country: us
Re: Ubiquiti Breach
« Reply #6 on: September 29, 2021, 04:15:36 am »
Credentials like that are fine to keep and share using LastPass, 1Password and so on - but it needs to be protected with more than a password.  We use U2F devices - Yubikeys in particular.  Same with SSOs like Google, github/gitlab, and so on.  They all support U2F - for a reason!

And when people leave their accounts need to be taken down.
« Last Edit: September 29, 2021, 04:20:23 am by bson »
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1235
  • Country: br
Re: Ubiquiti Breach
« Reply #7 on: September 29, 2021, 11:45:15 am »
That scares the shit out of everything...

but also put things into a perspective where nobody cares anymore putting their privacy into the hands of unknown people trusted just by obscure labels such as "we care about your privacy..."  trust us..

No surprises there are currently about half dozens MEGA CORPORATIONS running a freak show.

Things will converge to those freak show and nobody cares anymore

These trends ahead in the mid-to-long term are very bad
They are and will concentrate that just to monetize the top of the pyramid..

and FU**** the rest

Paul
 

Offline SL4P

  • Super Contributor
  • ***
  • Posts: 2181
  • Country: au
  • There's more value if you figure it out yourself!
Re: Ubiquiti Breach
« Reply #8 on: September 30, 2021, 06:52:52 am »
LOL, wait for the ‘experts’ to say you should be using a ‘public VPN’ for your WAN connectivity 😱

Oh, I missed that VPN, Virtual Public Network… so it MUST be safe ?
Don't ask a question if you aren't willing to listen to the answer.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1235
  • Country: br
Re: Ubiquiti Breach
« Reply #9 on: September 30, 2021, 07:42:59 am »
LOL, wait for the ‘experts’ to say you should be using a ‘public VPN’ for your WAN connectivity 😱

Oh, I missed that VPN, Virtual Public Network… so it MUST be safe ?

Personally i give a shit for VPN  as part of my activity i really do not care who is certainly wasting time logging me. 

But when i do want some obscure  cloudy bits...  i just switch my proxy to TOR

and i have 3 settings for that

I am pretty sure today even VPNs can be sniffed with remote tags placed on hashes and hidden code

TOR is a bit hard to spot

Paul
« Last Edit: September 30, 2021, 10:17:18 am by PKTKS »
 

Offline Ranayna

  • Frequent Contributor
  • **
  • Posts: 506
  • Country: de
Re: Ubiquiti Breach
« Reply #10 on: September 30, 2021, 09:48:35 am »
Well, considering that it is at least suspected that a large majority of TOR exit nodes are run bei various "Three Letter Agencies" i would not trust TOR all that much.
I would even think that it makes you especially suspicious. :p

On topic: In the past, despite not having had personal experience with Ubiquity hardware, i, and many IT people i know, often recommended it as consideration for affordable wireless products.
But since that breach i stopped doing that, and any consideration that i myself might upgrade to Ubiquity hardware had been stopped. When i learned that they now have started showing ads on the admin webpages of some of their devices i am really glad that i do not have anything made by them.

But this account bullshit is really becoming very common. There are Netgear switches that need a Netgear account to manage. There are now HP printers that need an HP account to set them up. And now Windows 11 Home Edition needs a Microsoft account. It's getting ridiculous, and the options for sane people get less and less.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1235
  • Country: br
Re: Ubiquiti Breach
« Reply #11 on: September 30, 2021, 10:22:28 am »
Well, considering that it is at least suspected that a large majority of TOR exit nodes are run bei various "Three Letter Agencies" i would not trust TOR all that much.
I would even think that it makes you especially suspicious. :p
(..)

It may be mostly TRUE today..  reason I have even put aside my own relay..

But it was not like that a decade ago.
It became pretty clear that filthy hands got into the relays...

Nevertheless the amount of trouble and brute force they need to do is mostly worthless for the results..

Today I really give a shit for all that freak show  the agencies and mega corps are making..

Internet and software in general turned out like a serious anti-privacy surveillance monetizing paradigm ...

Reason such CLOUD buz fast ascending
And why obviously some targets are sweeter than others..

Politics and discrimination as usual

BTW running a relay or proxy may be suspicious for vicious minds trying to find targets 100% time..

Otherwise is just a plain proxy method like any other  being VPN or filter proxy

The world we live is sick and monetized 
Paul
« Last Edit: September 30, 2021, 10:27:15 am by PKTKS »
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 6189
  • Country: de
  • A qualified hobbyist ;)
Re: Ubiquiti Breach
« Reply #12 on: September 30, 2021, 11:17:00 am »
Most of the popular VPN services are marketed as some kind of privacy shield which they aren't. Marketing nonsense, as usual. There are many ways to pinpoint a specific web browser profile, not matter if via direct internet access, NAT or VPN with public exit. And those pesky enforced online accounts aren't a good idea either. Why should I give a LAN switch or a printer internet access? To increase my attack surface? Ever heard of network security? The vendors claim that they care about privacy and security. Still they try to enforce an online account which won't work without internet access. :palm: ²
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1235
  • Country: br
Re: Ubiquiti Breach
« Reply #13 on: September 30, 2021, 01:00:08 pm »
(..)Still they try to enforce an online account which won't work without internet access. :palm: ²

Don't  forget as today: 
- an online "account" monitoring
-  a required TPM identify tutored agent
- a UEFI  "trusted" firmware.

Not so long ago mostly account and MAC (which can be tinkered)

But that would not scale and leverage tracking system surveillance

So competition can be tutored
Paul
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf