Featured in this episode of Chaos Lever
So, like. Why? Why do things like this even exist? Why would you need to have a solution in your life that allows you to open the garage door over the internet? You’ve already got a way to open the garage door from your car, which is, generally speaking, the times that you’re gonna want to open the garage door! You don’t need to do that shit from like, Walgreens!
SIGH
Annnnnnyyyyyyyway, Home Automation company Nexx (spelled with 2 x’s for double the .. something) have a product that allows you to open the garage door from an app. That app is completely insecure, and has been hacked by a security researcher, who told Nexx about it. Nexx promptly did nothing.
After months of silence, the security researcher went public, and well, here we all are. The attack appears to work because the Nexx app shares information about basically every other device in the timezone. The report goes on to say that other Nexx products are also vulnerable, with the researcher saying “disabling alarm and turning on [and] off smart plugs is pretty neat too,” which frankly says it all.