The internet of things that shouldn't be on the internet

Laptops, Notebooks, Smartphones and Networking

Moderator: Moderators

Post Reply
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Sun Apr 14, 2019 12:11 am

Princeton have made available a tool (currently macOS only) for figuring out what your IoT devices are talking to:

https://iot-inspector.princeton.edu/
- An open-source desktop tool with a one-click install process
- Automatically discovers IoT devices and analyzes their network traffic
- Helps you identify security and privacy issues with graphs and tables
- Requires minimal technical skills and no special hardware
Note that using it means you'll be sharing data about your IoT devices with Princeton's research team
Water cooled clay

User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Mon Apr 15, 2019 12:47 pm

https://www.troyhunt.com/how-to-track-y ... ack-watch/
Keep that exploit in mind - insecure direct object references are as simple as taking a URL like this:

example.com/get-kids-location?kid-id=27

And changing it to this:

example.com/get-kids-location?kid-id=28
In other words, don't let parental paranoia convince you to buy one of these tracking watches.
Water cooled clay

User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Mon Apr 29, 2019 9:52 pm

Of course smart locks are capturing all sorts of data:

https://onezero.medium.com/americas-fav ... 9169a8ab2e
The CEO confirmed landlords can see data regarding access events for systems in common areas. This is one of the main grievances raised in the lawsuit currently unfolding in a rent-regulated building in the Hell’s Kitchen area of Manhattan, where tenants say Latch is tracking them as part of a pattern of harassment by the owners to push them out of their apartments so they can rent them at market rate.
Water cooled clay

User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Thu May 02, 2019 1:35 pm

https://www.vox.com/the-goods/2019/5/2/ ... t-poop-pee
Over the past several years, a patchwork of tech and personal care companies have plunged millions of dollars into a race to control the baby product of the future: smartphone-enabled diapers.
Water cooled clay

User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Tue Jul 02, 2019 2:14 pm

https://techcrunch.com/2019/07/02/smart ... ock-doors/
When is a smart home not so smart? When it can be hacked.

That’s exactly what security researchers Chase Dardaman and Jason Wheeler did with one of the Zipato smart hubs. In new research published Tuesday and shared with TechCrunch, Dardaman and Wheeler found three security flaws which when chained together could be abused to open a front door with a smart lock.
Water cooled clay

User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Tue Aug 13, 2019 4:05 pm

Pay attention to the device types
Water cooled clay

User avatar
powerarmour
Mod Squad
Mod Squad
Posts: 11474
Joined: Sun Oct 13, 2002 2:10 am

Re: The internet of things that shouldn't be on the internet

Post by powerarmour » Tue Aug 13, 2019 5:02 pm

A smart fridge should never be allowed to tweet. :)
Libera te tutemet ex inferis

User avatar
impar
Moderator
Moderator
Posts: 18510
Joined: Fri Mar 21, 2003 11:42 am

Re: The internet of things that shouldn't be on the internet

Post by impar » Wed Aug 14, 2019 8:28 am

Greetings!
W10x64 - B450 - R5 3600 - 16GB - RX570 - 275GB - 4TB - 24" 16:10 - 650W

War Continues On, Why Can't We See The Truth, We Are All One

User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 5354
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit » Wed Aug 14, 2019 9:56 pm

https://www.theverge.com/2019/8/14/2080 ... user-error
At least three smart June Ovens have turned on in the middle of the night and heated up to 400 degrees or higher. The ovens’ owners aren’t sure why this happened, and June tells The Verge that user error is at fault. The company is planning an update that’ll hopefully remedy the situation and prevent it from happening again, but that change isn’t coming until next month.
Water cooled clay

User avatar
powerarmour
Mod Squad
Mod Squad
Posts: 11474
Joined: Sun Oct 13, 2002 2:10 am

Re: The internet of things that shouldn't be on the internet

Post by powerarmour » Fri Aug 16, 2019 12:11 pm

The hell...

Libera te tutemet ex inferis

Post Reply