It’s an IoT nightmare. One that is entirely preventable.

Two researchers have disclosed problems with hundreds of vulnerable GPS services using APIs and trivial passwords (123456), resulting in a multitude of privacy issues including direct tracking. Further, many of the vulnerable services have directories exposing logged .

For some, the discovered and disclosed by Vangelis Stykas (@evstykas) and Michael Gruhn (@0x6d696368) aren’t new. They were disclosed during Kiwicon in 2015 by Lachlan Temple, who demonstrated flaws in a popular car tracking immobilization device.

To read this article in full, please click here

Source link


Please enter your comment!
Please enter your name here