The Raspberry Pi Foundation was reportedly offered cash to put malware on its latest boards. The organization declined the offer.
Best Raspberry Pi, Arduino DIY Projects For Your Holiday Downtime
(Click image for larger view and slideshow.)
Malware on your nice, new system could be as close as a hacker's checkbook. That checkbook will need to work with an organization other than the Raspberry Pi Foundation, though. Open slots in Raspbian Linux are not for sale.
Numerous news sites are reporting that Liz Upton, the Raspberry Pi Foundation's communications director, received an email offering to pay the foundation to put an executable file on its small controllers that would take users to a particular website. Upton declined the opportunity and tweeted an image of the solicitation with critical details redacted.
Certain details of the file to be included (such as the ".exe" extension) indicate that the latest version of the Raspberry Pi -- a version capable of running Windows 10 Embedded -- is the target. Windows 10 compatibility opens the new Raspberry Pi to a new realm of malware, though the Internet of Things doesn't require Windows to provide a malware vulnerability.
In fall 2015, malware was found that infects IoT devices running Linux. While the malware, Linux.Wifatch, behaves oddly for its kind, its ability to infect IoT devices is a demonstration that a GUI and attached keyboard are not required for malware infection.
Linux.Wifatch seems to actually protect infected systems from other malware, but researchers and security analysts know that malware authors can't be counted upon to behave altruistically in the future.
One of the significant problems facing IoT developers is a lack of choice in anti-malware packages dedicated to the embedded system market. McAfee offers a product aimed at embedded systems, but it is limited in its target platforms and notably lacking in extensive competition.
Until robust security is available across IoT platforms, it's a near certainty that companies depending on malware for their business will continue to chip away at vendors in the embedded systems market. It should be only a matter of time before they find one with standards that are sufficiently low -- or cash-flow requirements that are sufficiently high -- to make deal, at which time the IoT will change, and not in a good way.
**Elite 100 2016: DEADLINE EXTENDED TO JAN. 15, 2016** There's still time to be a part of the prestigious InformationWeek Elite 100! Submit your company's application by Jan. 15, 2016. You'll find instructions and a submission form here: InformationWeek's Elite 100 2016.
Curtis Franklin Jr. is executive editor for technical content at InformationWeek. In this role he oversees product and technology coverage for the publication. In addition he acts as executive producer for InformationWeek Radio and Interop Radio where he works with ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.