The internet of things that shouldn't be on the internet

Laptops, Notebooks, Smartphones and Networking

Moderator: Moderators

Post Reply
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 7225
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit »

I guess I shouldn't be surprised that 61% of these weren't reset by their owners before they were sold 8-O

https://arstechnica.com/gadgets/2021/07 ... eset-them/
Like most Internet-of-things devices these days, Amazon’s Echo Dot gives users a way to perform a factory reset so, as the corporate behemoth says, users can “remove any ... personal content from the applicable device(s)” before selling or discarding them. But researchers have recently found that the digital bits that remain on these reset devices can be reassembled to retrieve a wealth of sensitive data, including passwords, locations, authentication tokens, and other sensitive data.
Water cooled clay
User avatar
impar
Moderator
Moderator
Posts: 22550
Joined: Fri Mar 21, 2003 11:42 am

Re: The internet of things that shouldn't be on the internet

Post by impar »

Greetings!
Another day, another WD security flaw
This one affects Cloud OS 3 devices

https://www.theverge.com/2021/7/2/22561 ... disconnect
W10x64 - B450 - R5 3600 - 16GB - RX 5700 - 1TB - 4TB - 24" 16:10 - 650W

This war is nothing but graphs of production intersecting...
General Groves, in Uber Invasion #11
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 7225
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit »

Having the source available for public view is no guarantee of security:

https://arstechnica.com/gadgets/2021/07 ... developer/
Signs of the backdoor in the KiwiSDR date back to at least 2017. The backdoor was recently removed under unclear circumstances. But despite the removal, users remain rattled, since the devices run as root on whatever computing device they’re connected to and can often access other devices on the same network.
Water cooled clay
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 7225
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit »

Well done BMW ](*,)
Water cooled clay
User avatar
impar
Moderator
Moderator
Posts: 22550
Joined: Fri Mar 21, 2003 11:42 am

Re: The internet of things that shouldn't be on the internet

Post by impar »

Greetings!
Samsung can switch off your telly
Anywhere in the world

Samsung has surprised the world by announcing that it had switched off all the tellies looted from one of its distribution centres in South Africa.
On July 11, a distribution center located in KwaZulu-Natal, South Africa was looted, and an unknown number of Samsung televisions were stolen. However, all of those TVs were bricked using Samsung’s remote blocking tech.

https://www.fudzilla.com/news/53423-sam ... your-telly
W10x64 - B450 - R5 3600 - 16GB - RX 5700 - 1TB - 4TB - 24" 16:10 - 650W

This war is nothing but graphs of production intersecting...
General Groves, in Uber Invasion #11
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 7225
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit »

Want a home security system that isn't secure? You've come to the right place:

https://techcrunch.com/2021/08/31/fortr ... ty-rapid7/
But the cybersecurity company said the vulnerabilities include an unauthenticated API and an unencrypted radio signal that can be easily intercepted.

Rapid7 revealed details of the two vulnerabilities on Tuesday after not hearing from Fortress in three months, the standard window of time that security researchers give to companies to fix bugs before details are made public. Rapid7 said its only acknowledgment of its email was when Fortress closed its support ticket a week later without commenting.
Water cooled clay
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 7225
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit »

Every time I think the worst possible IoT device exists, something else rears it's head
Water cooled clay
User avatar
thegrommit
Ultra nForced
Ultra nForced
Posts: 7225
Joined: Sat Aug 02, 2003 1:24 am

Re: The internet of things that shouldn't be on the internet

Post by thegrommit »

UK only, but this is a good start:

https://www.bbc.com/news/technology-59400762
The Product Security and Telecommunications Infrastructure Bill lays out three new rules:

- easy-to-guess default passwords preloaded on devices are banned. All products now need unique passwords that cannot be reset to factory default
- customers must be told when they buy a device the minimum time it will receive vital security updates and patches. If a product doesn't get either, that must also be disclosed
- security researchers will be given a public point of contact to point out flaws and bugs
Most importantly, it applies to both manufacturers and distributors.
Water cooled clay
Post Reply