[lots of stuff] could have allowed access to all of Furbo’s customers video feeds, home private photos, voice messages and even toss food to their pets.
3/20/2018 - Bounty: Pet food basket (I rejected it)
That was a great investigation and highlights how insecure a lot of IoT devices really are.
A while back I had the idea that I would buy several inexpensive home automation devices to audit for fun (or for a blog or something) and I reached out to Reddit’s home automation community for suggestions. I remember at least one incredibly negative comment that basically told me I was an awful person for wanting to hack these devices in such a way and I should leave. It amazes me that people would prefer to not know if their devices are insecure.
This is frankly amazing:
We’re lucky that some people have a conscience.
The page is accessible via Google cache: http://webcache.googleusercontent.com/search?q=cache:https://lethalbit.com/furbo/
That was a great investigation and highlights how insecure a lot of IoT devices really are.
A while back I had the idea that I would buy several inexpensive home automation devices to audit for fun (or for a blog or something) and I reached out to Reddit’s home automation community for suggestions. I remember at least one incredibly negative comment that basically told me I was an awful person for wanting to hack these devices in such a way and I should leave. It amazes me that people would prefer to not know if their devices are insecure.
That’s a pretty amazing defect density…