It’s an nightmare. One that is entirely preventable.

Two researchers have disclosed problems with hundreds of vulnerable GPS services using open APIs and trivial passwords (12346), resulting in a multitude of privacy issues including direct . Further, many of the vulnerable services have open directories exposing logged .

For some, the discovered and disclosed by Vangelis Stykas (@evstykas) and Michael Gruhn (@0x6d696368) aren’t new. They were disclosed during Kiwicon in 2015 by Lachlan Temple, who demonstrated flaws in a popular car tracking immobilization device.

To read this article in full, please click here



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here