Comment by JoshTriplett
2 days ago
> The vulnerability was in their backend cloud structure.
The vulnerability is in having a backend cloud structure.
(There are plenty of ways to provide remote access without that, and no other feature warrants it.)
Not sure why this is being downvoted, it's a pervasive flaw across all these IoT products. See my description elsewhere here about how Haier "smart" controls work. It's completely insane, and pointless. For systems that can't fail--I include heating systems in the winter--this kind of "move fast and break shit" way of doing it is malpractice. The last thing in the entire world I want my furnace controls doing is an automatic OTA firmware update. Ever.
Exactly. I want a "smart thermostat" that's entirely under my control, not the manufacturer's.
And the manufacturer wants something that's under their control, not your.
1 reply →
But then you would have to configure something on your router and have dynamic dns for remote access and that’s too hard.
8 replies →