Hacker News
by baybal2 1744 days ago
"Connect to cloud by default" should be banned in any sensible network.

It's probably even more devastating than "default password by default" if exploited successfully.

A single stolen cert, or access to the device provisioning server, instantly gets you "keys to the kingdom," and all of the devices online.

A default password, or a vulnerable API on the device, in contrast, will still need the attacker to individually find and hack each vulnerable device.