This is pretty funny. I doubt its authenticity but confess that when I worked at Intel (a looooooooooong time ago) and Andy Grove suggested there would be an 8086 in every Toaster I thought he was nuts, because the minimum system was about 4 sq inches (I had one as a demo board Intel sold) and who would want a CPU in a toaster anyway? A timer and a heating element, how hard is that?<p>Flash forward to today when playing with an Electric Imp[1] and noting that you don't need 4 sq inches, you don't even need 1 sq inch and you can network the damn thing.<p>So it certainly becomes <i>feasible</i> to do this sort of thing but I'm unable to construct a non-targeted reason why it would be <i>worthwhile</i> to do it. Now if you said, "A shipment of toasters headed for the US Embassy" or something where there was some actionable intelligence to be gained by snooping the network, perhaps. but randomly? Not so much.<p>[1] <a href="http://electricimp.com" rel="nofollow">http://electricimp.com</a>
If you read the original, there are several strong bullshit indicators.<p>The 200 meter range is one.<p>Second, they quote some guy who's a director of a consumer electronics importer. He says that the reason they found these "spy chips" is because the shipment of consumer electronics was over declared customs weight. So they started looking and found chips, <i>meaning</i> that the keyword you are looking here for is "customs", not "Chinese spam chips" :)<p>[0] <a href="http://www.rosbalt.ru/piter/2013/10/22/1190990.html" rel="nofollow">http://www.rosbalt.ru/piter/2013/10/22/1190990.html</a>
"by connecting to any computer within a 200m (656ft) radius which were using unprotected Wi-Fi networks."<p>wow it's better than any wifi router I've ever owned! Time to buy an iron.
Makes sense. People who use irons are the real global power brokers in every modern society. The laundry room is the ultimate prize. Even though it may cost $50 to manufacture an iron that has 200M WiFi range and sophisticated viral payloads, and sure irons are unplugged most of the time, and OK, you'd have to sell the irons at a steep loss, but still you will have amassed a network of thousands of irons spanning the globe, listening, waiting, and ironing.
The source for this is Russia state owned media. I imagine this is a Ukrainian chocolate situation. When Russia gets pissed at someone they attack a trade relationship that hurts that country. Suddenly, Ukrainian chocolate is unsafe. Suddenly, American adoptive parents are unsafe and morally dubious for Russia adoptions.<p>I wonder who makes these irons and if this is the beginning of a larger smear operation.
During my short time in Russia, the "unprotected wifi network" did not appear to exist. Wherever I went, they seemed pretty paranoid (probably justifiably) about keeping wifi locked down.<p>Hotels went so far as to give you a custom per-device one-day-only password.
True or not, it's an interesting attack vector. Makes me wonder (again, assuming this is real) if it was designed that way or perhaps the manufacturer was compromised/firmware modified (although why would an iron need firmware?). I imagine we'll probably see more attacks using unconventional attack vectors in the future; the Chinese hackers using a thermostat to maintain persistence in the US Chamber of Commerce springs to mind [1]. Something that you bring in and connect willingly to your network would be devastating. Can you imagine buying a new TV, toy for your kids or some other high-tech wifi-enabled device and later discovering that it would periodically arp-poison your laptop?<p>[1] (see section titled "Lying in wait", about halfway down the article) <a href="http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html?smid=tw-share&pagewanted=all&_r=0" rel="nofollow">http://www.nytimes.com/2013/01/31/technology/chinese-hackers...</a>
Sounds interesting - it must be very cost effective to do this, so I'm wondering what chipsets are used in these products? Would this make for a very low cost Internet of Things? I've always wanted to have a mini-router embedded in a light bulb. It wouldn't need power and should have decent range.
Are SoC's getting so cheap that this kind of scatter shot approach is cost effective ?<p>In all honesty I believe this is a fabricated story.
Mainly
1) its not cheap
2) Irons are hot and can have water in them for steam. Not ideal for electronics
3) Irons aren't in use all day. Hardly a great attack vector, a mobile phone charger would be much better
There is no way that this attack method is profitable if the attacker is fronting the cost of manufacturing. This leads me to believe that this article is incorrect or fabricated, or that this is a seriously interesting attack on a iron manufacturer.
There are lots of attempts at humor in the comments. So far, the BBC reporting just says, "State-owned channel Rossiya 24" reported something, without any BBC reporter claiming to have independently verified the reports from Russia. Maybe this isn't a true fact about the world. It might be Russian official media paranoia, or some kind of hoax, or some kind of misunderstanding of a legitimate product feature. Until this story is better verified, I will go right on ironing my clothes. Are there specific brand names or lot numbers of the products available to reporters in other places who could verify (or disconfirm) this story?
Don't trust anything Russian state-owned media says. It went completely crazy in last 2 years. I recently watched a "Documentary" on this main "news" channel Rossiya 24, which speculated that the outbreak of Swine influenza in Asia was an ethnicity-targeted bio-weapon attack, carried out by the US. And other similarly insane things like "Bill Gates tries to make everybody infertile in Africa, with his anti-malaria vaccine." Overall mood that this 'program' tried to convey is "be afraid, be very afraid of foreigners and foreign states. They are out to get you."
There's really no way for us to know that CPU manufacturers haven't embedded a backdoor that transmits - on some unknown frequency, or maybe technology - the contents of CPU registers and cache lines directly to some NSA satellite somewhere. We just don't have the ability to audit the powers that create these machines; and this sort of highlights a massive disparity between classes - the technocratic class, and the consumer class.
TOR EXIT NODES. In a single swoop, the internet just got a whole lot messier to police ;)<p>I've been thinking about ideas like this for years, but it never occurred to me that you could just hit the supply chain at the source, rather than covertly fit the devices once kit had been installed.
My new company will provide Faraday caging of homes and residential buildings... Seems like with the new Intel chips with built in wifi that were rumored it will become popular service
Without more evidence, I'm pretty skeptical of this particular claim.<p>Nevertheless, thousands of heating elements under your control in enemy territory would make a pretty evil cyberweapon.