www.ddr.cz Diskuze


Přihlásit



Zapomenuté heslo »
Nová registrace »


TV spot jednoho z prodejců


Anketa

Líbí se vám design tanečních podložek řady X-Pad?

Celkem hlasovalo: 5583

Hledání


DDR.cz – Diskuze
provoz sponzoruje e-shop www.kukacka.cz - váš e-shop s dárky

August Smart Lock Flaw Opens Your Wi-Fi Network to Hackers (Výběr taneční podložky)

freeamfva, Úterý, 18. leden 2022, 04:42 (před 120 dny)

August Smart Lock Flaw Opens Your Wi-Fi Network to Hackers

There’s no question, smart door locks are incredibly convenient. Features like unlocking the front door with a phone app, logging all entries, and automatically locking up when you leave the area are great. If you’re engaged in the short-term rental business, choosing the right smart lock means you can give renters temporary access during their stay, with no need for the messy business of exchanging house keys. Even so, you might have just a little concern in the back of your mind. Hackers got into Kanye West’s Twitter account, after all. Maybe they could open your front door? If you use the August Smart Lock Pro + Connect, that's not the problem. Your front door should stay locked even if a whole hacker krewe marches past chanting, "Open Sesame!" That said, an unpatched security hole in this device means those hackers could gain full access to your Wi-Fi network, which could be its own kind of disaster.To get more news about home security products, you can visit securamsys.com official website.
PCMag has partnered with the Internet of Things security team at Bitdefender to answer just that sort of question. Bitdefender's hacking team puts popular smart home devices to the test, looking for security holes that hackers could misuse. On discovering a problem, the team contacts the manufacturer, to give it time for a fix before disclosing the vulnerability. In the past, Ring has fixed a security problem with one of its smart doorbells that would have allowed a patient hacker to gain full access to the Wi-Fi network to which the device was connected. Belkin likewise fixed a similar problem with its WeMo Smart Plug. When consumers get a more secure product, everybody wins.

Things happened a bit differently in our investigation of the iBaby monitor. The Bitdefender team found a way for any owner of the camera to get access to pictures and videos from every such device. The company notified iBaby, without response. But after we published the news, iBaby pushed out a fix within a few days. That’s another win, albeit a delayed one.For the latest round of testing, the Bitdefender team, led by ethical hacking expert Alex “Jay” Balan, dug into the August Smart Lock Pro + Connect. This one has been a favorite of ours in the past and when we reviewed it in 2017, earned our Editors’ Choice badge. August recently released a version with integrated Wi-Fi that also won an Editors' Choice award. Released three years ago, the Pro edition is an older lock, but you can be sure there are plenty of them installed on doors all over the country.

You control the lock using a smartphone app. If you’re within range, communication is managed via Bluetooth Low Energy (BLE). If not, the app connects through the internet to the Connect bridge (that's where "+ Connect" comes from) which, in turn, controls the lock. The security team found that all commands between the devices are encrypted and “cannot be intercepted or modified.” In addition, the bridge to the Connect device only works if the user has an August lock registered to the account.Access to the account is secured and uses two-factor authentication. Only the owner has full control. Among the owner’s powers are the ability to give others full access, or just limited access. Without that access permission, hackers can't open the door, period.
Like the Ring Video Doorbell, August needs a connection to your local Wi-Fi network. With no keyboard or other input device, you can’t just type in the username and password. Both devices use a common technique to manage the initial connection. You put the device in setup mode, which causes it to act as an access point. You connect to that access point using your smartphone. And the app passes the Wi-Fi login credentials to the device.

Bitdefender’s team discovered a problem with this system. That exchange of credentials was not protected in any way. An intruder listening in to the network, even without logging in to the network, could capture the Wi-Fi credentials and thereby gain full access. Admittedly, the intruder must be listening at the exact moment the exchange takes place, but the researchers found a way to force reentry of the credentials.

Implementing this hack would take a lot of patience. The hacker would have to find a spot close enough to listen in on the Wi-Fi network, perhaps a parked car. The attack that forces the doorbell offline takes time. And the device doesn’t reconnect until its owner notices that it's offline and initiates the exchange.

  250 zobrazení

Celý thread:

 RSS-Feed této diskuze

8263 příspěvků v 7270 vláknech, 3524 přihlášených uživatelů, 18 online přihlášení uživatelé (0, 18 hosté)
Čas fóra: 18.05.2022, 05:43

Novinky

Již tuto sobotu 9.2. PARDUBICE TURNAJ NA TANEČNÍCH PODLOŽKÁCH

06/02/2013

9. února 2013 - SPOFESTA CUP - TURNAJ NA TANEČNÍCH PODLOŽKÁCH

více

TvFit opět v prodeji

31/07/2012

Vážení zákazníci a příznivci tanečních podložek. Dnešním dnem je opět k dispozici interaktivní podložka TvFit.

více

Vesnička Sedlo Vás zve v neděli 29.7. 2012.

20/07/2012

Malebná vesnička Sedlo v Jižních Čechách si Vás dovoluje pozvat na pouťové odpoledne pro děti. Čeká Vás spousta legrace a her pro malé i větší. V neposlední řadě bude možnost si zaskákat na tanečních podložkách a pořádně se vyřádit.

více

PlayDance ve Fitku EDEN

20/06/2012

Ve fitku Eden v Jindřichově Hradci... Taneční podložky a Playdance, Fitko EDEN Jarošovská ulice, každé úterý a neděli od 18:30

více

Turnaj na tanečních podložkách (Brno, 8.5.2012)

02/05/2012

Všechny vášnivé tanečníky zveme na blížící se turnaj v Brně. Všechny potřebné informace naleznete na uvedeném odkazu.

více

Herní víkend se soutěží o taneční podložku

26/03/2012

Herní klub Griffin chystá poslední březnový víkend setkání milovníků deskových her Herní Víkend (30.3.- 1.4.2012)! Těšit se můžete zcela jistě na spoustu her, turnaje, lapry, testování her, čajovnu a dobrou společnost.

více

archiv

Aktuální diskuse

Prodejci

Přeskočit na obsah

  • DDR.CZ
  • Velkoobchod
  • Reklamace
  • Ke stažení
  • Diskuze
  • Kontakt