Looks like there's blog post about the whitepaper [1] which is a bit more informative without reading the PDF, and this was already discussed [2] via an arstechnica article.<p>[1] <a href="https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play" rel="nofollow">https://community.rapid7.com/community/infosec/blog/2013/01/...</a><p>[2] <a href="http://news.ycombinator.com/item?id=5137353" rel="nofollow">http://news.ycombinator.com/item?id=5137353</a>