EEVblog Electronics Community Forum
Products => Computers => Security => Topic started by: windsmurf on July 03, 2019, 07:43:32 am
-
Zipato hardcoded same private SSH key into every one of its hubs, essentially giving everyone within wifi range the keys to open all of their smart door locks
https://blackmarble.sh/zipato-smart-hub/
Correction: If the hub is connected to the Internet, then anyone on the Internet can open your Zipato smart-locked doors. :o
-
:-+ Brilliant
:palm:
This is why I hate "Internet of Things" -- Essentially devices which have no business being connected to the Internet. What's worse, people who have no idea about networking expose these types of devices to the for everyone to see and abuse (https://www.shodan.io/search?query=Zipato).
-
They're just following in the footsteps of the big guys: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey