Also Hackable: Drive-Through Car Washes

PLAR writes It turns out LaserWash automatic car washes can be easily hacked via the Internet to get a free wash or to manipulate the machines that clean the cars, a security researcher has found. Billy Rios says these car washes have web interfaces with weak/default passwords which, if obtained, could allow an attacker to telnet in and use an HTTP GET request to control the machines. Rios adds that this probably isn't the only car wash brand that's vulnerable.

Embedded systems devs

Embedded system developers suck at all things internet, especially security.

Re:Embedded systems devs

[kwbauer]

Oh yes, the old "you failed because you didn't account for your product to be used in ways it was never intended to be used" reasoning. Many a good company has been bankrupted because juries have been convinced that your statement is actually logical.

Some things do not belong on the Internet

[davidwr]

Some things just should never be put "on the Internet."

If you must have remote access, either use a dedicated physical connection (with appropriate anti-tampering/tamper-mitigation measures of course) or tunnel them through a rock-solid VPN, but for goodness sake don't put them "on the Internet."

Yes, companies that run industrial equipment, traffic lights, etc., I'm looking at you too.

Re:Some things do not belong on the Internet

[nitehawk214]

So, you can't stick a credit card into the thing. And when it breaks down nobody gets alerted.

Traffic lights: No ability to know when they are working or not, no way to synchronize lights across the city.

Think about it. Devices need to be connected. Security isn't hard, companies need to start giving a shit about it.

Re:What? BMW through the brush wash?

[JaredOfEuropa]

[anyoldlameexcuse] will void the warranty if they can get away with it.