Credit: Earlence Fernandes, Jaeyeon Jung, Atul Prakash
As long as you stay off the roads, you’ll be safe from hacked cars. As long as you don’t go outside, you’ll be safe from hacked sniper rifles. As long as you turn off your smart phones, you’ll be safe from it being tracked and hacked too. Just stay home, where you’ll be safe from all of that insecure “smart” crap getting hacked… or not.
These researchers from University of Michigan demonstrated how weaknesses in Samsung’s SmartThings and SmartApps could be abused to plant backdoor door unlock codes, steal existing door unlock codes, disable home vacation mode, and trigger a fire alarm. All the attacker needs to do is trick their victim into installing a fake app and steal an OAuth token from an existing SmartApp. How to do that is left as an exercise for the reader, but maybe John McAfee or John Hering would be willing to help them out.