Troed Sångberg on Nostr: Public disclosure was made today so finally I can talk about how I managed to get ...
Public disclosure was made today so finally I can talk about how I managed to get full access to the Minut M2 IoT device. There will also be a video series, first episode linked below.
The Minut devices (M3 is their newest, my exploit was for the M2) are most often used by short-term rental hosts and before the vendor released new firmware based in my findings there was a real possibility not only that guests could misbehave without the host knowing about it (the product promise) but also that a guest could persist surveillance of any future guests.
Kudos to Minut for having been excellent to work with and amazingly fast at reacting to my report.
https://www.youtube.com/watch?v=ZbKLAjPYOEg
#ReverseEngineering #CyberSecurity #IoT #HardwareHacking
The Minut devices (M3 is their newest, my exploit was for the M2) are most often used by short-term rental hosts and before the vendor released new firmware based in my findings there was a real possibility not only that guests could misbehave without the host knowing about it (the product promise) but also that a guest could persist surveillance of any future guests.
Kudos to Minut for having been excellent to work with and amazingly fast at reacting to my report.
https://www.youtube.com/watch?v=ZbKLAjPYOEg
#ReverseEngineering #CyberSecurity #IoT #HardwareHacking