Slashdot Mirror


Burglars Can Easily Make Google Nest Security Cameras Stop Recording (helpnetsecurity.com)

Orome1 quotes a report from Help Net Security: Google Nest's Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that's in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched. The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. Triggering one of these flaws will make the devices crash and reboot. The third flaw is a bit more serious, as it allows the attacker to force the camera to temporarily disconnect from the wireless network to which it is connected by supplying it a new SSID to connect to. If that particular SSID does not exist, the camera drops its attempt to associate with it and returns to the original Wi-Fi network, but the whole process can last from 60 to 90 seconds, during which the camera won't be recording. Nest has apparently already prepared a patch but hasn't pushed it out yet. (It should be rolling out "in the coming days.")

2 of 71 comments

  1. By smashing them by WolfgangVL · Score: 4, Insightful

    with the same blunt instrument they used to break in your windows/doors.

    --
    You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
  2. Impressive work. by fuzzyfuzzyfungus · Score: 4, Insightful

    Aside from the egregious delay in fixing these things; does anyone else get a very, very, bad feeling about the expected quality of the firmware when 'supply a string longer than a normal user would type' is a successful attack?

    If you aren't sanitizing your inputs against that one; what are you sanitizing?