When coffee makers are demanding a ransom, you know IoT is screwed
Watch along as hacked machine grinds, beeps, and spews water.
Hasnain says:
Sigh.
“That capability still left Hron with only a small menu of commands, none of them especially harmful. So he then examined the mechanism the coffee maker used to receive firmware updates. It turned out they were received from the phone with—you guessed it—no encryption, no authentication, and no code signing.”
Posted on 2020-09-27T03:31:49+0000