* Posts by Okidoki

1 post • joined 13 Apr 2017

Half-baked security: Hackers can hijack your smart Aga oven 'with a text message'

Okidoki

Disclosure

The original article on the penetration tester's website

https://www.pentestpartners.com/blog/iot-aga-cast-iron-security-flaw/

ends with a number of paragraphs about how it was hard to get a decent response from AGA to the issue.

I think the challenge of presenting to an organisation such security flaws is a story here. How do you get the right attention without resorting to public disclosure? This story also shows the lack of risk assessment and foreseeable misuse undertaken at design time by the rush to IoT everything in sight

Biting the hand that feeds IT © 1998–2019