https://archive.ph/i3X1L
This is your daily reminder that the "S" in "IOT" stands for "Security."
- ∞ 🏳️⚧️Edie [it/its, she/her, fae/faer, love/loves, ze/hir, des/pair, none/use name, undecided]·3 months ago
Why is everything internet connected? Oh yea, I want my stove top to beinternet connected - statements I wish I could say have never been uttered.
- ∞ 🏳️⚧️Edie [it/its, she/her, fae/faer, love/loves, ze/hir, des/pair, none/use name, undecided]·3 months ago
BTW, yea, we got a new stove top it had a WiFi sticker on it WHY. It came with a paper where they had printed licenses, I didn't look at it too much, but I saw "openbsd", WHY IS MY STOVETOP RUNNING OPENBSD SOFTWARE
Probably ships with OpenSSL and/or OpenSSH. Buying a cheap CH341A programmer off of Aliexpress is a lot of fun because you can actually dump the firmware from like 95% of these things with a $5 tool and poke around/reverse engineer them and do some fun things with that knowledge.
If you learn how to set auto start and stop timers, it defeats the convenience of an app. Shit really isn't that hard.
But they're gathering the data to sell to use on the other guy's Bazinga thing, now advertising has mostly collapsed. It's like a city amateur theatre community, no one actually see the shows that aren't in them, they're just passing the same sad $20 note around in a circle. A fully closed bazinga loop that produces nothing, not even useless stuff.
A fully closed bazinga loop that produces nothing, not even useless stuff.
yeah, that's the american economy
A couple years back there was a thing where you could hotwire some Kia models just by jamming a usb plug into a thing on the steering column. Glad to see the brand identity still going strong.
that's how my car got stolen!
when you take the ignition protector off, there's a small square piece of metal that you can put a USB plug onto, or just use a set of pliers or something. then, simply press in and turn like an actual key, and presto, you now own a car.
ShowIt didn't necessarily have to be a USB plug, that was just a convenient device because it was the right shape and size. A large flat screwdriver would work just as well.
Yeah, it was just Kia cheaping out by not having an immobilizer. They saved at the very most $100 a car(probably more like $40) by skipping a basic security feature invented in 1985.
Still very much an ongoing thing that they will face basically no repercussions for
Back in the day there was a key that you turn and starts your car. Easy to steal. So manufacturers created keys with 4 rows of pins in the ignition. Hard to steal if you don't know what you're doing.
Then they moved to inductive transponder keys. Also not really an issue, but not as reliable as the older style keys.
Then some sick fucks said "why not make the transponder on the FUCKING KEY FOB" instead of the car itself which has a giant lead acid battery with millions of amp hours and here we are
Oh great, this totally won't get somebody hurt or killed. Good job, guys!
https://archive.ph/i3X1L
for anyone who doesn't want to solve the captcha, that's an archive of https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track
...which contains a summary of what is in the researchers' post about it here: https://samcurry.net/hacking-kia
Alternative title: Get free remote start on your KIA with this one simple trick!
We call them The Kia Boys around here. I have a buddy that has been a victim twice.