Your smart plug's connected to your idiotbox, the idiotbox is connected to your WiFi, the ...
Subject: General Tech | August 22, 2018 - 12:59 PM | Jeremy Hellstrom
Tagged: iot, security
Belkin offers a smartplug called the Wemo Insight which provides real time energy usage stats, allows you to program your lights to turn on and off at various times and is a decent replacement for The Clapper; it is also a fairly serious security risk. The UPnP protocol it utilizes is vulnerable to a buffer overflow attack which could allow an attacker access to other devices connected to your WiFi network. The proof of concept provided by McAfee shows a successful attack on a Roku, initiated from the smartplug, as you can see over at El Reg.
Perhaps you should keep that old tech if you don't like touching light switches.
"The flaw, spotted in Belkin's Wemo Insight smartplugs, would potentially allow an attacker to not only manipulate the plug itself, but also allow hopping to other devices connected to the same Wi-Fi home network."
Here is some more Tech News from around the web:
- Chrome 69 is Coming: Not Just a New Look But Flash's Life is About To Get Even Harder @ Slashdot
- Fire chief says Verizon throttled department's data in the middle of massive Cali wildfires @ The Register
- Qualcomm starts sampling 7nm mobile processor with 5G support @ The Inquirer
- TSMC 7nm, 5nm to enjoy strong demand for AI chips @ DigiTimes