I spent all day looking for vulns in a IoT clothes dryer. What did I find?
* HTTPS to talk to backend service
* XMPP w/ STARTTLS to steam events
* Cert pinning so no MitM
* Android app obfuscated w/ no obvious backend URLs or certs
* Dryer runs an AP for initial setup w/ DHCP and HTTPS servers
* That HTTPS requires auth with a password printed on a label near the door
Best I could do was get the DHCP server to serve the same IP to every request.
Well done GE.
@kc8apf any word on how LG appliances fare? Asking for a friend.
@kc8apf well shit. A loud "Ping!" at the end of the cycle would be a lot simpler than all that.
But how would you live without your dryer ordering more dryer sheets from Amazon automatically? *eyeroll*
Generalistic and moderated instance.