Author Topic: Zipato hardcoded same private SSH key into every one of its hubs  (Read 669 times)

0 Members and 1 Guest are viewing this topic.

Offline windsmurf

  • Frequent Contributor
  • **
  • !
  • Posts: 626
  • Country: us
Zipato hardcoded same private SSH key into every one of its hubs, essentially giving everyone within wifi range the keys to open all of their smart door locks
https://blackmarble.sh/zipato-smart-hub/

Correction: If the hub is connected to the Internet, then anyone on the Internet can open your Zipato smart-locked doors.   :o
« Last Edit: July 03, 2019, 07:50:11 am by windsmurf »
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 3965
  • Country: au
Re: Zipato hardcoded same private SSH key into every one of its hubs
« Reply #1 on: July 14, 2019, 10:50:42 am »
 :-+ Brilliant
 :palm:

This is why I hate "Internet of Things" -- Essentially devices which have no business being connected to the Internet. What's worse, people who have no idea about networking expose these types of devices to the for everyone to see and abuse.


 



Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf