Samsung smart fridge leaves Gmail logins open to attack
Dikutip dari The Register:
…While the fridge implements SSL, it fails to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections.
The internet-connected device is designed to download Gmail Calendar information to an on-screen display. Security shortcomings mean that hackers who manage to jump on to the same network can potentially steal Google login credentials from their neighbours.
*Ke rumah teman*
“Bro, kulkas Samsung mu masih nyala?”
“Masih”
“Konek ke Internet gak?”
“Iya, memangnya kenapa sih kamu tiba-tiba nanya soal kulkas, haus ya?
“Itu… kulkasmu harus diupdate tuh, ada celah ke manan besar yang baru saja diberitakan”