News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • An IoT company which has fixed most/all vulnerabilities

    Posted on MrJimPhelps Comment on the AskWoody Lounge

    Home Forums AskWoody support Connected home / Internet of things Questions: Other home/IoT products An IoT company which has fixed most/all vulnerabilities

    This topic contains 3 replies, has 2 voices, and was last updated by  anonymous 2 years, 2 months ago.

    • Author
      Posts
    • #125915 Reply

      MrJimPhelps
      AskWoody_MVP

      Finally, some good news on the IoT front — Segway fixes most/all vulnerabilities in the Segway MiniPro.

      A researcher successfully hacked a very vulnerable Segway MiniPro. He informed the manufacturer about the vulnerabilities, and most/all of them were fixed!

      https://www.wired.com/story/segway-minipro-hack/

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
      2 users thanked author for this post.
    • #126028 Reply

      anonymous

      Why does a self balancing transport device need to have wireless communication?

      From the sound of it a vulnerable device, once infected, could navigate the streets infecting other segways and amassing a large coordinated group.

      Imagine you are riding your segway down the street and another one with no rider passes you, stops, turns and follows you for about 30 seconds. Suddenly yours stops (ignoring the controls) and throws you off and then runs away with the other one.

      Edited for non-relevant content
      Please stay on topic.

    • #126137 Reply

      MrJimPhelps
      AskWoody_MVP

      Why does a self balancing transport device need to have wireless communication?

      Why does anything need to have wireless communication? There are a whole lot of devices these days which DO NOT need wireless communication. The biggest thing which comes to mind is the automobile. There is absolutely no need for a car to have wireless communication. IF a firmware update is needed, it can be installed either via downloading it to your computer, copying it to a flash drive, then installing it; or going to the dealer for the update. Since it is rare to need a firmware update, this will be more than sufficient. Any “entry points” on a car (the stereo system, the tire pressure monitors, Bluetooth for connecting your phone to the stereo) should be isolated from the car’s internal network. The problem is, there is no isolation of these entry points from the car’s internal network, which means that your car is vulnerable to being hacked.

      Building wireless communication into a device causes that device to be vulnerable. Even if the device can be secured, it puts additional burden onto the owner of the device to secure it.

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
      1 user thanked author for this post.
      • #126212 Reply

        anonymous

        I read what you typed and started to think of a reply, as I read further you made all my points, so I’ll just agree with you. Isolation of safety critical systems. Additionally safety critical systems should have additional security audits.

        There are a surprising number of firmware updates done by the car dealers, ask a few of them next time you talk to one who deals with modern cars.

        I had a humorous last paragraph for my previous reply, but apparently someone didn’t like it and they edited it out, I wish I was allowed to post it.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: An IoT company which has fixed most/all vulnerabilities

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.