November 23, 2024

Valley Post

Read Latest News on Sports, Business, Entertainment, Blogs and Opinions from leading columnists.

Students identify security vulnerability that could allow millions to wash their clothes for free – Planet

Students identify security vulnerability that could allow millions to wash their clothes for free – Planet

Who would have thought that there would be a way for internet-connected washing machines to wash clothes for free?

A security flaw could allow millions of students to wash their clothes for free, thanks to one company. All because of one person Weakness identified by two students from the University of California, Santa Cruz, in Internet-connected laundry machines for commercial use in various countries.

The two students, Alexander Sherbrooke and Yakov Taranenko, exploited the application programming interface (API) to implement the use of laundromats, and were able to remotely command them to operate without a prior command or update the account balance, offering millions of dollars in credit. The company that owns the laundromats, CSC Service Works, says it has more than a million laundromats and vending machines in colleges, apartment complexes, public laundromats and beyond, in the United States, Canada and Europe.

CSC never responded when Sherbrooke and Taranenko informed them of the security breach via email and phone call in January, according to a report by CSC. TechCrunch. But the two students said that the company “quietly hid” the millions that were not in their account after they informed it of this.

The lack of response prompted them to communicate their findings to others. Among them is that the company published a list of commands, which the two students said allow communication with all washing machines connected to the CSC network.

The identified vulnerability in the CSC system is a useful reminder that the entire issue of cybersecurity is still far from settled. The security gap identified by the two students may be to blame for the CSC, but in other cases, a lax approach to digital security has allowed hackers and others to access strangers’ security cameras or even smart devices.

See also  NASA: The first 3D map of the "red" planet is a reality

Often, security experts find these vulnerabilities and update them before anyone can exploit them. But this does not help the situation because the company responsible for it does not even respond to the notifications it receives.