頁:
[1]
小米嚴重漏洞 GOOGLE中止智能服務
要是今天有人家的GOOGLE語音無法操控小米設備就是因為這個小米攝影機很容易被駭 有資安的嚴重問題甚至有人直接連到其他人家裡看到攝影機的畫面無線分享器應該也首ㄉ造成GOOGLE覺得這個問題很嚴重需要下架小米服務GOOGLE HOME 退出MI HOME 帳號連結後在新增硬體的連結立面就再也找不到MI HOME 了....最新的消息是 GOOGLE 正在連繫小米解決這個問題 來源androidpoliceSo-called "smart" securitycameras have had some pretty dumb security problems recently, but a recentreport regarding a Xiaomi camera linked to a Google account is especiallydisturbing. One Xiaomi Mijia camera owner is getting still images from otherrandom peoples' homes when trying to stream content from his camera to a GoogleNest Hub. The images include stills of people sleeping and even an infant in acradle. In the meantime, Google has entirely disabled Xiaomi integration forGoogle Home and the Assistant while it works out the issue with Xiaomi.This issue was first reported by user/u/Dio-V on Reddit and affects his Xiaomi Mijia 1080p Smart IP Security Camera,which can be linked to a Google account for use with Google/Nest devicesthrough Xiaomi's Mi Home app/service. It isn't clear when Dio-V's feed firstbegan showing these still images into random homes or how long the camera wasconnected to his account before this started happening. He does state that boththe Nest Hub and the camera were purchased new. The camera was purchased fromAliExpress and noted as running firmware version 3.5.1_00.66.When attempting to access a video feed fromhis connected camera (as depicted in the video above), instead of the expectedlocal video feed, he's provided a random, occasionally partly corrupted blackand white still image from another home. Among the eight or so examplesinitially provided to Reddit are a handful of disturbingly clear images showinga sleeping baby, a security camera's view of an enclosed porch, and a manseemingly asleep in a chair.Dio-V also believes the content of therandom still images being fed to his Nest Hub, which contain Xiaomi/Mijiabranded date/timestamps, depict a different time zone than his own.It's technically possible this could be anelaborate hoax, but the video evidence is pretty damning. Whatever feed istrying to be accessed is clearly something that is actually integrated withGoogle Home/Assistant, and the fact that it's intermittently corrupted andshowing still images rather than the expected video is also pretty high-effortfor a fake. It's also possible these could be some sort of test images and he'sinadvertently accessing a debug mode/feed, among other potential explanations. Google isn't taking any chances, though. Wereached out to the company and were provided with the following statement afterour story was initially published:"We’re aware of the issue and are incontact with Xiaomi to work on a fix. In the meantime, we’re disabling Xiaomiintegrations on our devices."We reached out for further confirmationthat this would mean a blanket disabling of all Mi Home product integrations orcommands for the Assistant, and we have confirmed that this is the case. Ourown subsequent attempts to use Mi Home integrated devices through GoogleHome/Assistant show that Google has already disabled this functionality at thetime of our update, and Dio-V (the Reddit user with the original report) hasconfirmed for us that his camera is no longer working on his Nest Hub.We've reached out to Xiaomi for comment, aswell as additional details surrounding how an issue like this could occur, butthe company did not immediately respond.This isn't the first time that smart homesecurity cameras have has this sort of problem before. Memorably, some usedNest cameras would remain linked to an original owner's account, providing thema glimpse inside the new purchaser's home. More recently, Wyze, who makes smartsecurity cameras, also recently suffered a "mistake," storingunsecured user data in a publicly accessible manner and requiring all customersto pair/set up devices again....<div class='locked'><em>瀏覽完整內容,請先 <a href='member.php?mod=register'>註冊</a> 或 <a href='javascript:;' onclick="lsSubmit()">登入會員</a></em></div><div></div>
頁:
[1]