Slashdot Mirror


Honeywell Home Controllers Open To Any Hacker Who Can Find Them Online

Trailrunner7 writes: Security issues continue to crop up within the so-called "smart home." A pair of vulnerabilities have been reported for the Tuxedo Touch controller made by Honeywell, a device that's designed to allow users to control home systems such as security, climate control, lighting, and others. The controller, of course, is accessible from the Internet. Researcher Maxim Rupp discovered that the vulnerabilities could allow an attacker to take arbitrary actions, including unlocking doors or modifying the climate controls in the house.

1 of 85 comments (clear)

  1. Common problem across industry by Anonymous Coward · · Score: 5, Interesting

    As someone "in charge" (Systems Architect) of how many of our product lines are secured on the network (obviously not Honeywell), most people in the field would not believe how much time I waste explaining to people over and over and over again that I will not "simplify" the authentication protocols by getting rid of (strong security practices) just because we use SSL. Its an ongoing fight to keep things strong against a thousand little pushbacks from developers, product management, marketing, sales, and legal. Posting anon as its still in progress, comes up at least once a week.