Any Ubiquiti Users? Data Breach Reported!

[Foxbat]

Ubiquity breach post retracted

Report: Theft of crypto secrets could allow hackers to remotely log in to devices.

arstechnica.com

Final Thoughts on Ubiquiti – Krebs on Security

 

[harshness]

I wonder how many other firewall providers (primarily Cisco I suppose but also including HP and others) have had similar issues that have thus far gone unreported.

 

[TV Junkie]

I wonder how many other firewall providers (primarily Cisco I suppose but also including HP and others) have had similar issues that have thus far gone unreported.

All of them...?

Every "body" everywhere happy as hell to collect our data. Yet NONE of them seem capable of protecting said data.

 

[harshness]

All of them...?

Not that many companies are so deeply embedded in situations where the amount of data available for harvest is so great.

 

[TV Junkie]

Not that many companies are so deeply embedded in situations where the amount of data available for harvest is so great.

Except just about everybody has at some time or another received a letter explaining how "your personal data may have been exposed".

Some of us have received that letter more than once, from multiple entities.

 

[harshness]

Except just about everybody has at some time or another received a letter explaining how "your personal data may have been exposed".

I've received a few but none of them were attributed to firewall compromises such as this. Not all data compromises are the same and cloud compromises are particularly troubling because most everything has to be set up to run remotely so you can't summarily deny addresses and ports as you can on a local network.

 

[Foxbat]

Has anyone seen this video from Crosstalk Solutions? I've watched a few of his other videos where he talks about Ubiquiti hardware solutions and this video has some good suggestions about what you should do if you have Ubiquiti hardware and a Cloud account.

​

 

[TV Junkie]

I've received a few .

yes. That's what I stated. Exactly thank you.

 

[Radioguy41]

I've received a few but none of them were attributed to firewall compromises such as this. Not all data compromises are the same and cloud compromises are particularly troubling because most everything has to be set up to run remotely so you can't summarily deny addresses and ports as you can on a local network.

Hence the Achilles heel of running in the cloud. I've never understood how anyone could think running apps or storing their data in the cloud is a good idea. Why would anyone want to park their critical data out in Never Never Land and count on people they don't even know to be responsible for protecting it? Seriously?

 

[Foxbat]

Why would anyone want to park their critical data out in Never Never Land and count on people they don't even know to be responsible for protecting it? Seriously?

Just wait until Windows basically becomes an Azure Cloud service and your laptop is a glorified graphics display device. Battery life will be awesome because the local processor isn’t crunching data, it’s just putting pixels in the right place in the right color.

As long as the Internet is up, of course, and you have connectivity…

 

[harshness]

Just wait until Windows basically becomes an Azure Cloud service and your laptop is a glorified graphics display device.

That worked so well the first time Microsoft tinkered with thin Windows clients. How many times have they changed their graphics/HID API since then?

Of course for those who use the typical notebook, it would be no biggie, but for those who require access to complex HID devices (gaming sticks?) or gobs of horsepower aren't going to stand for it. Keyboard latency?

It wouldn't be a good idea to cede standalone computing to Linux or similar if they have any hope of remaining relevant going forward. The chasm is a lot narrower than they think.