From a491de47f6d76b86e1d1bdc2a1d22ef08ff86fdd Mon Sep 17 00:00:00 2001 From: stefanbode Date: Thu, 5 Jul 2018 20:12:39 +0200 Subject: [PATCH] Updated Securing your IoT from hacking (org) --- Securing-your-IoT-from-hacking.org | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Securing-your-IoT-from-hacking.org b/Securing-your-IoT-from-hacking.org index f8b6dc49..13e7ed5e 100644 --- a/Securing-your-IoT-from-hacking.org +++ b/Securing-your-IoT-from-hacking.org @@ -14,6 +14,8 @@ If someone is able to get your WLAN key, he can login into your network, if he i (2) If you can hack a SONOFF you might get access to the keys stored in the device. For example, the MQTT password allows you to read ALL of your devices and change any device at any time. With the information of the MQTT-Server user/password, it might be not required anymore to physically be in your WLAN. Maybe your MQTT Server is publicly accessible. Then the attacker can control your home from any place. +Update: 6.0.0: With this version passwords are not anymore exposed through the serial connection or through the webinterface in configuration mode. Therefore it is now not that simple to get the MQTT or WLAN password from a device. But maybe not impossible + (3) It might happen, that e.g. your Samsung SmartTV is not as secure as it should be and an attacker gets access to your network. Now he can listen to any traffic and maybe can make changes on all of your IoT devices.