Posts: 207 +9
Now it’s not just phones that are smart, it’s TVs and trash cans and appliances too. But there might be some consequences lurking underneath all the smart bells and whistles. Security issues have been widely documented along with the rise of the Internet of Things, so Samsung set Pen Test Partners researchers to work on their smart refrigerator to find vulnerabilities.
At the annual Defcon black hat event in Las Vegas, the team hacked into the 2015 Samsung RF28HMELBSR smart fridge that features a display on the door to show calendar appointments and notes.
If Samsung hoped to pass with flying colors, they didn’t. The team found that the fridge can be forced to share secure communications with relative ease.
In a blog post, the Pen Test Partners team wrote that the fridge does implement SSL, but doesn’t verify if security certificates are valid or not.
So if attackers use a man-in-the-middle attack, they can steal data such as passwords and session tokens from the fridge. Also, since it integrates with Google Calendar, the team said it would be easy to expose a user’s Gmail credentials by targeting the fridge.
Consumers might question the high price tag -- the fridge costs almost $3,600 -- when security isn't guaranteed. Until problems like this are controlled, the safest option might be to go out and buy a magnetic whiteboard to stick on your regular fridge. At least that way it's harder for the neighbors to steal your information.