[1bc29b36f623ba8]

I have a dummy hotspot with no access to anything whatsoever, and which I allow my TV to connect to. Apart from exposing an undocumented API (with code execution capabilities), and allowing logging in as root over Telnet (without a password), it also tries to fetch software updates over plain HTTP. It's a bloody nightmare.

On the plus side, it was possible to disable many of the smart features once I discovered the telnet capability. :D

[gindely]

Vulnerabilities are a massive trade off. I want my devices to be open to me, not to anyone. Seems like it should be straight forward to give you access to the device (like "scan this qrcode on the inside of this panel" and you get the private key). One can dream...

[1bc29b36f623ba8]

Yeah, pretty much every single "smart" device I've ever bought has had vulnerabilities that never got patched. It's ridiculous.

On the plus side, my 10 year-old laptop still finds a use as an access point/firewall for all those things. :D

[daemin]

Does anyone know of such hacking that someone has done and documented? I'd be interested in trying to telnet or connect to a Samsung TV that I have, or at least be able to sandbox it somehow.