[jfrunyon]

It's very interesting that both Cloudflare and Tesla have the exact same disk setup on such important systems on their corporate networks, down to the numerous strangely small partitions on MMC.

Oh, wait, neither Cloudflare nor Okta were hacked. Crappy IoT devices on their networks - quite likely isolated or untrusted - were hacked.

Frankly if these companies trusted their 'corporate networks', THAT would be the story here. But the fact that someone hacked their cameras was both posted here a few hours ago[1] and not news[2].

[1] https://news.ycombinator.com/item?id=26405056

[2] Seriously! How is "more IoT devices hacked" still a story? It's literally a continuous occurrence. Piss off.

[plugger]

> quite likely isolated or untrusted - were hacked.

I disagree. From my experience there are many big corps out there that use VLANs but don't properly secure them. And even if they did I expect pivoting from these hosts would be trivial when compared to getting in externally.

Finally, these cameras aren't alone. They're often integrated into a centralized controller which has to be routable by both the cameras as well as the host/hosts required to review the footage. So even IF they were properly segmented there's still most likely a path to the 'corp' VLAN.

[jfrunyon]

Cloudflare publicly states that they use a zero trust networking model. So, you can disagree with the facts all you want, but it won't change them.

BTW, the central controller for these cameras is "in the cloud". That's how they were hacked. Keep up.