by Aaronmacaron 865 days ago
Proof? This is just some random person claiming it's not true but they link to an article which explicitly states that it is in fact true. Am I missing something?

Kevin Beaumont is not exactly a random person in this instance, he's a pretty experienced writer on cybersecurity.

He elaborates farther down the thread:

> A botnet of 3 million toothbrushes would be twice the size of Mirai's various botnets put together, and a MAJOR infosec event. The person they were interviewing has only worked there about a year, and Fortigate staff don't appear to know about this botnet.

Edit to add:

Imagine you read on TechMeme that room-temperature superconductors are now confirmed to exist. But when you trace the story back, the original citation is an article in the Tucson Regional Business Journal about how scientific research benefits innovation. Would you think "wow, big scoop for the TRBJ!" Or something more like, "I bet that business reporter misunderstood something they heard."

Reminds me of the "Jick Study" that Dopesick talks about[0].

This was a simple letter to the editor, written by a doctor, that became the driving force behind Oxycontin marketing.

[0] https://www.theatlantic.com/health/archive/2017/06/nejm-lett...

Or, similarly, the letter to the editor in NEJM which caused decades of mistrust of MSG -- and which, depending on who you listen to, might or might not have been a deliberate hoax.

https://news.colgate.edu/magazine/2019/02/06/the-strange-cas...

I believe the Mastodon OP mistranslated the German article, which states:

> Das Beispiel, das wie ein Hollywood-Szenario daherkommt, hat sich wirklich so zugetragen.

Correct translation:

> This example, which seems like a Hollywood scenario, actually happened.

But as you can see, if you miss the last part, it's easy to get the translation wrong.

(Interestingly, the Swiss article doesn't directly quote Fortinet as a source, but as an expert opinion. Maybe something was lost in translation there when the story went viral?)

I think OP wants to say that the only source for such a massive botnet is a tiny newspaper article.

Million dollar damage because a Swiss site wasn't reachable for 4 hours?

I doubt that.

It's Switzerland. Maybe it was a watch website that could sell a few 100k watches...

The claim being made is ludicrous, doesn't hold up to scrutiny or common sense, and the amount of details given is sparse enough to cause disbelief.

If this is real, the article is beyond useless in informing people of what has happened and how it's happened.

I use a couple of TP-Link smart power plugs and one of them occasionally wants to access the internet to get the time from an NTP server. Since I block all their internet access this one goes crazy and brings my DNS server (custom written in Python) down to a halt. Just blocking him in the firewall of the AP would probably also not make him behave and he'd still pollute the RF spectrum. Happens rarely, though. Kicking him off of the WiFi and letting him reconnect makes him behave again.

This is the most anthropomorphically abusive and hilariously accurate comment I've read in a while.

Funnily enough that happens also when you run the original article through Google Translate:

> She's in the bathroom at home, but she's part of a large-scale cyber attack. The electric toothbrush is programmed with Java, and criminals have unnoticed installed malware on it - like on 3 million other toothbrushes.

(In German, toothbrushes are female, like all brushes.)

So the claim is the women started talking and wouldn't be quiet? "Nevertheless, she persisted"

If he were a good boy, he would listen to what is told to him by the DHCP server and use the local NTP server instead (not only is it closer but it's also fed by PPS-accurate GPS data).

> This is the most anthropomorphically abusive and hilariously accurate comment I've read in a while.

Let's coin a term for this: misanthromorphism.

German, like many other European languages, uses gendered nouns and refers to nouns with gendered pronouns.

It means nothing other than that you need to remember the correct pronoun for every noun, which is absurd.

I didn't even consider that parent might come from a gendered language background! Lack of insight on my part.

I just assumed they were gendering inanimate objects, which even non-gendered English speakers will do, but conveys more anthropomorphic intent.

You are missing the part that Fortinet didn't publish the attack themselves but chose a non-technical newspaper.

Highly suspicious and now confirmed it didn't happen.

https://news.ycombinator.com/item?id=39300373

The article claims a million dollar damage because the site of a Swiss company wasn't reachable for 4 hours.

Highly unlikely.