IoT weakness

  1. #1

    vetran

    Half Baked IoT Stove Could Be Used As A Remote Controlled Arson Device | Hackaday

    [Pen Test Partners] have found some really scary vulnerabilities in AGA range cookers. They are connected by SMS, by which a mobile app sends an unauthenticated SMS to the AGA to give it commands, for instance preheat the oven. You can also just tell your AGA to turn everything on at once.

    The problem is with the web interface; it allows an attacker to check if a user’s cell phone is already registered, allowing for a slow but effective enumeration attack. Once the attacker finds a registered device, all they need to do is send an SMS, as messages are not authenticated by the cooker, neither is the SIM card set up to send the messages validated when registered.
    You could burn half of Islington down!
    "If you didn't do anything that wasn't good for you it would be a very dull life. What are you gonna do? Everything that is pleasant in life is dangerous."

    I want to see the hand of history on his collar.
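
The two weaknesses described in the first post (commands obeyed without authentication, and a registration lookup that confirms which numbers exist), shown beside a hardened form. This is an added defensive example, not part of the thread and not any vendor's code; the `counter|COMMAND|tag` wire format, the key, the command names and the response text are assumptions made for illustration.

```python
import hmac
import hashlib

# Constructed sample values: the key and command names are assumptions.
DEVICE_KEY = b"constructed-per-device-secret-01"
ALLOWED = {"PREHEAT_OVEN", "ALL_ON", "ALL_OFF"}

def sign(key: bytes, counter: int, command: str) -> str:
    """App side: the tag binds the command to a strictly increasing counter."""
    msg = f"{counter}|{command}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:32]

def naive_handler(sms_body: str) -> bool:
    """Behaviour described in the post: any well-formed SMS is obeyed."""
    return sms_body in ALLOWED

class Cooker:
    """Hardened handler for the assumed format 'counter|COMMAND|tag'."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0

    def handle(self, sms_body: str) -> bool:
        parts = sms_body.split("|")
        if len(parts) != 3:
            return False
        ctr, command, tag = parts
        if not (ctr.isascii() and ctr.isdigit()) or command not in ALLOWED:
            return False
        counter = int(ctr)
        expected = sign(self.key, counter, command)
        # Constant-time comparison; bytes avoid errors on non-ASCII input.
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return False                      # forged or corrupted message
        if counter <= self.last_counter:
            return False                      # replay of an earlier message
        self.last_counter = counter
        return True

def registration_status(number: str, registered: set) -> str:
    """Same answer for every number, so the lookup cannot confirm one."""
    _ = number in registered                  # used server-side only
    return "If this number is registered, a confirmation SMS has been sent."
```

The sender's number is deliberately not used as a credential here, since the post's point is that the message itself carries no proof of origin.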

  2. #2

    BrilloPad

    Office really hot today. It was reported last night - however night shift do not have internet access so could do nothing until day shift arrived.

    Someone was telling me MBNA Chester heating was controlled from the USA. Great fun with the time difference.
    Katy Perry - don't be afraid to catch feels. Taylor Swift - feels $1 a go.

  3. #3

    SimonMac

    Wasn't there something recently about a similar vulnerability in washing machines?
    “Live a good life. If there are gods and they are just, then they will not care how devout you have been, but will welcome you based on the virtues you have lived by. If there are gods, but unjust, then you should not want to worship them. If there are no gods, then you will be gone, but will have lived a noble life that will live on in the memories of your loved ones.”

    ― Marcus Aurelius

  4. #4

    vetran

    Originally posted by SimonMac:
        Wasn't there something recently about a similar vulnerability in washing machines?
    yep kiddies with libraries they don't understand.
    "If you didn't do anything that wasn't good for you it would be a very dull life. What are you gonna do? Everything that is pleasant in life is dangerous."

    I want to see the hand of history on his collar.

  5. #5

    WTFH

    The old oil/wood ones don't have any electrics in them, never mind electronics. Great when there's a blackout.
    Strong and Stable Moderation

  6. #6

    original PM

    another reason why the IoT is just pretty dumb and pointless!

  7. #7

    barrydidit

    Originally posted by SimonMac:
        Wasn't there something recently about a similar vulnerability in washing machines?
    And a dildo.

  8. #8

    northernladyuk

    Originally posted by original PM:
        another reason why the IoT is just pretty dumb and pointless!
    Another reason why original PM is just pretty dumb and pointless!
    Where there's muck there's brass.

  9. #9

    bobspud

    Yep IoT is a bloody nightmare and most organisations are not even remotely aware how ****ed they are.

  10. #10

    Paddy

    How about a Wifi toilet paper dispenser. Instructions on how to download the app behind the toilet door.
    Brexitentropy...
