TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years
https://github.com/BadChemical/IoT-Vulnerability-Research-Public/blob/main/TP-Link_Kasa_EC71/Kasa_EC71.mdThis underscores the principle that IoT devices should not be allowed to communicate over the public Internet. Pretty much all cheap, Chinese-made hardware of this kind has intentional or unintentional security holes waiting to be exploited.
loading story #48954697
loading story #48954964
loading story #48960076
loading story #48955069
loading story #48954966
loading story #48956047
routers could solve this for consumers with a checkbox for "intranet only"
99% of consumers won't know how to setup a firewall but could handle a checkbox
only problem I have is I can't seem to punch a hole for time sync and it won't use my local intranet time server
Time server can be specified with DHCP, if you want. Options 4 [deprecated, but that doesn't matter] and 42.
No idea if that helps with your particular devices; they are, of course, free to ignore those fields.
loading story #48954331
loading story #48957532
loading story #48956628
loading story #48954953
loading story #48960398
loading story #48959647
loading story #48959540
loading story #48956046
loading story #48952566
loading story #48959197
loading story #48957912