‘Smart’ Garage Door Company Nukes Key Feature After Ignoring Vulnerability For Months

from the that’s-one-way-to-fix-it dept

It will never stop being humorous uncovering just how many smart products are run by dumb companies. If you’re going to roll out a product that connects to the internet, you would think that the very basics of IT/internet security in those products would be taken into account. You would also think that there would be intelligent contingency plans proactively thought out for when something inevitably goes wrong or the unexpected is uncovered.

Meet Nexx. Nexx makes smart garage door openers that allow you to control your garage door via an app either over an internet connection or, if you’re close by, over Bluetooth. A researcher named Sam Sabetan uncovered a series of vulnerabilities within the app itself, which allowed him to get information not just about his own Nexx device, but about a ton of others as well.

Sabetan made a video proof-of-concept of the hack. It shows him first opening his own garage door as expected with the Nexx app. He then logs into a tool to view messages sent by the Nexx device. Sabetan closes the door with the app, and captures the data the device sends to Nexx’s server during this action.

With that, Sabetan doesn’t just receive information about his own device, but messages from 558 other devices that aren’t his. He is now able to see the device ID, email address, and name linked to each, according to the video. Sabetan then replays a command back to the garage through the software—rather than the app—and his door opens once again. Sabetan only tested this on his own garage door, but he could have remotely opened other users’ garage doors with this technique.

Sabetan believes that this would allow him to open the garage doors for pretty much any Nexx customer. Additionally, it appears that Nexx makes an app allowing for control over a home’s power outlets, too, which he could also manipulate using this technique. This is all obviously a massive security threat, which is why Sabetan contacted Nexx about it.
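The two failures the video demonstrates are, from a defender's view, missing server-side checks: a client authenticated as one device could read messages belonging to hundreds of other devices, and a captured command was accepted again when replayed. The following is an added illustration of what those checks look like; it is not Nexx's code and nothing in the article describes how Nexx's service actually works. It assumes a toy message broker with a per-device secret key, a per-device monotonic counter, and constructed device IDs and commands.

```python
"""
Added example (not Nexx's code, not from the article): a minimal command
channel for a fleet of IoT devices with two server-side checks --
(1) a client may only read messages for the device it authenticated as, and
(2) a captured command is rejected if it is submitted a second time.
All device IDs, keys and messages below are constructed for illustration.
"""
import hashlib
import hmac


def sign_command(device_key, device_id, counter, action):
    """Build a command the way the legitimate app/device side would (assumed
    design): the device's secret key authenticates device ID, counter and action."""
    msg = f"{device_id}|{counter}|{action}".encode()
    mac = hmac.new(device_key, msg, hashlib.sha256).hexdigest()
    return {"device": device_id, "counter": counter, "action": action, "mac": mac}


class Broker:
    def __init__(self, device_keys):
        # device_id -> per-device secret (assumed provisioned at manufacture);
        # the broker holds a verification copy, never a shared fleet-wide key
        self.device_keys = dict(device_keys)
        # device_id -> highest counter accepted so far (replay window)
        self.last_counter = {d: 0 for d in device_keys}
        # device_id -> messages accepted for that device (the "topic")
        self.queues = {d: [] for d in device_keys}

    def publish(self, message):
        """Accept a command only if it is signed with the named device's key
        and its counter is strictly greater than the last accepted one."""
        dev = message.get("device")
        if dev not in self.device_keys:
            return "rejected: unknown device"
        msg = f"{dev}|{message['counter']}|{message['action']}".encode()
        expected = hmac.new(self.device_keys[dev], msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, message.get("mac", "")):
            return "rejected: bad signature"
        if message["counter"] <= self.last_counter[dev]:
            # a byte-for-byte copy of an earlier command lands here
            return "rejected: replay"
        self.last_counter[dev] = message["counter"]
        self.queues[dev].append(message)
        return "accepted"

    def read(self, authenticated_as, requested_device):
        """A client authenticated as one device may read only that device's
        queue; requests for any other device's messages return nothing."""
        if authenticated_as != requested_device:
            return None
        return list(self.queues[requested_device])


def demo():
    """Walk through the legitimate path, a replay, a cross-device read and a
    tampered counter, returning each outcome so the behaviour can be checked."""
    keys = {"garage-A": b"constructed-secret-A", "garage-B": b"constructed-secret-B"}
    broker = Broker(keys)
    cmd = sign_command(keys["garage-A"], "garage-A", 1, "close")
    first = broker.publish(cmd)                    # "accepted"
    replay = broker.publish(cmd)                   # "rejected: replay"
    cross = broker.read("garage-B", "garage-A")    # None: not your device
    own = broker.read("garage-A", "garage-A")      # one message
    forged = dict(cmd, counter=2)                  # counter bumped, MAC not re-made
    forged_result = broker.publish(forged)         # "rejected: bad signature"
    return first, replay, cross, len(own), forged_result


if __name__ == "__main__":
    print(demo())
```

The counter does the replay work: an attacker who captured the "close" command can resend it byte for byte, but the broker has already moved past counter 1 for that device. The per-device key does the isolation work, since a message signed for one device cannot be re-addressed to another without that device's secret, and `read` refuses to hand out any queue other than the caller's own.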

Nexx ignored him. For months. Worried his messages weren’t getting through, Sabetan then opened a new ticket for support on his device and was contacted back. In response, he again asked Nexx to take a look at the original ticket he’d opened for the vulnerability. Nexx again did not respond, which is when Sabetan took the story to Motherboard.

“Great to know your support is alive and well and that I’ve been ignored for two months,” Sabetan replied. “Please respond to ticket [ticket number],” he wrote, referring to his vulnerability report.

The response from Nexx finally came, but not to Sabetan. Instead, Nexx simply nuked the entire IoT function of the product, leaving Bluetooth as the only way to open a Nexx garage door. It then put this message out to its customers.

“It has come to our attention of a potential internet security vulnerability with the following products: Nexx Garage, Nexx Gate, and Nexx Plug,” an email sent by the company, called Nexx, to customers, reads according to a post on Hacker News. A member of a Facebook Page for Nexx customers wrote a post saying they received a similarly worded email. “As we examine the issue, we are taking proactive action by temporarily disabling internet access remote control” for the products, the message continues.

Nexx and I appear to have a serious deviation in terms of our definition of the word “proactive.” This is all very, very reactive, and it’s causing a bunch of confusion and anger with Nexx’s clients.

“I have two NXG100 units that both stopped working at the same time last night.  I disconnected power and reconnected just to see if that would reset it…. that didn’t work,” one impacted customer wrote on the Nexx Community Facebook page. “If they don’t address their security vulnerabilities, it might be time to move onto another product,” the customer added in another post.

And now Nexx is ducking Motherboard’s repeated follow-ups trying to get some kind of comment from the company. If you’re a Nexx customer, or a potential one, this likely won’t set your mind at ease, having a product’s key feature disabled and having security concerns such as this addressed so poorly.
