The security world lit up with news of the first instance of an Internet-connected appliance participating in a botnet. Our fears of Skynet made real had come to pass: not only was your fridge keeping your half-eaten tin of Spam cold, it was sending your e-mail account fresh digital spam at the same time.
One problem: the report appears to be based on incorrect assumptions.
Proofpoint, the security firm that published the report, said that the botnet was 100,000 machines strong and sent no more than 10 pieces of e-mail spam per IP address. However, Ars Technica noted that estimating a botnet size is difficult, and that the technique that Proofpoint used -- scanning public IP addresses -- is known to be hard to connect to specific devices.
Additionally, sending only 10 spam messages per IP address in a botnet is unusual. "Traditional spam botnets will push infected PCs to send as many messages as its resources allow," said Ars reporter Dan Goodin. "The botnet reported by Proofpoint requires too much effort and not enough reward."
As Goodin and independent security expert Bruce Schneier noted, though, just because this connected device botnet probably didn't happen this time doesn't mean it won't ever happen.
Despite being "skeptical" of the original report, Schneier said, "it could happen, and sooner or later it will."