Boing Boing 

Samsung fridges can leak your Gmail logins

Researchers at Pen Test Partners took up the challenge to hack a smart fridge at Defcon's IoT Village, and discovered that they could man-in-the-middle your Google login credentials from Samsung fridges.

Read the rest

Insurance monitoring dashboard devices used by Uber let hackers "cut your brakes" over wireless


UCSD computer scientist Stefan Savage and colleagues will present their work at Usenix Security: they were able to disable the brakes on a 2013 Corvette by breaking into a Mobile Devices/Metromile Pulse dongle, used by insurance companies to monitor driving in exchange for discounts on coverage.

Read the rest

After a rush, aviation stopped "progressing" -- the Web might be next


Maciej Cegłowski's "Web Design: The First 100 Years" is a characteristically provocative riff on the past and future of "progress" that asks the question, if aviation stopped producing faster, more powerful aircraft in the 1970s, will the IT industry do the same?

Read the rest

Internet-connected hospital drug pumps vulnerable to remote lethal-dose attacks


Researcher Billy Rios (previously) has extended his work on vulnerabilities in hospital drug pumps, discovering a means by which their firmware can be remotely overwritten with new code that can result in lethal overdoses for patients.

Read the rest

If you want a picture of the future, imagine a Roomba leaking pix of your home, forever

The game-plan for future Roombas may fit them with cameras that send images of your home to a remote service that identifies obstacles and lets the little robots clean around them -- what could possibly go wrong?

Read the rest

John Deere: of course you "own" your tractor, but only if you agree to let us rip you off


John Deere freaked out over a a petition to the Copyright Office to let tractor owners break the DRM on their vehicles in order to diagnose and fix them.

Read the rest

Self-sustaining botnet made out of hacked home routers


Telcos send routers with default passwords to their customers, who never change them, and once they're compromised, they automatically scan neighboring IP space for more vulnerable routers from the same ISP.

Read the rest

Smart Grid consortium rolled its own crypto, which is always, always a bad idea


When you make up your own crypto, it's only secure against people stupider than you, and there are lots of people smarter than the designers of the Open Smart Grid Protocol, who rolled their own (terrible) crypto rather than availing themselves of the numerous, excellent, free public cryptographic protocols.

Read the rest

Drug pump is "most insecure" devices ever seen by researcher

Security researcher Jeremy Richards has called the Hospira Lifecare PCA 3 drug-pump "the least secure IP enabled device" he's examined.

Read the rest

An Internet of Things that do what they're told


California's phone bricking bill seems to have reduced thefts in the short run, but at the cost of giving dirty cops and wily criminals the power to wipe-and-brick your phone at will.

Read the rest

If dishwashers were Iphones


My latest Guardian column is design fiction in the form of an open letter from a dishwasher company whose kitchenware marketplace and Dish Rights Management system is under fire.

Read the rest

Samsung: watch what you say in front of our TVs, they're sending your words to third parties


Part of the Samsung Smarttv EULA: "Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition."

Read the rest

Why "smart cities" should be an Internet of People, not Things


Adam Greenfield proves again that he's one of the best writers and thinkers on "smart cities," explaining how the top-down, expensive, tech-centered approach produces unlivable corporate dystopias in which people are just another "thing" to be shuffled around -- and showing that there's an alternative, low-tech, high-touch, human-centered version of the smart city that makes resilient, thriving communities.

Read the rest

Smart Pipe: a design fiction from the Internet of Things dystopia

11 minutes seems like a long ask for a gag video about an Internet-of-Things toilet-analyzer, but man, is it worth it.

Read the rest

Dutch IT contractor lays out the case for spying on everyone's wearables, always

A promo video from Pinkroccade, a prominent IT contractor to Dutch local governments, makes the case for spying on wearables (if your heart-rate rises because you're about to be mugged, the police could be alerted, and get GPS from your phone, find nearby phones belonging to people with criminal records, check the view from your Google Glass, and respond -- case closed).

Read the rest

Smart thermostat makes dumb security mistakes

Andrew Tierney had a close look at Heatmiser's popular wifi-enabled thermostat and found it to be riddled with security vulnerabilities.

Read the rest

Insecure printer firmware hacked to play Doom

Printer security sucks -- but Michael Jordon's work on hacking the firmware of the standalone Canon Pixma printer is a more playful example of that suckitude than ever seen before.

Read the rest