CimmerianX t1_iyb3k3q wrote
Not ok either way... To bad people don't know how to setup network border firewalls in their home.... Outbound traffic should be monitored as much as Inbound traffic.
BaneBlaze t1_iybfyy2 wrote
This would solve the problem but likely break the feature they use cloud for.
Trade offs I suppose
medievalmachine t1_iycxunh wrote
It's for push notifications. How else is it going to work?
CimmerianX t1_iydcifr wrote
With customer approval and opt in, that's how.
medievalmachine t1_iydiv6y wrote
You do have to opt in, otherwise how would they push it?
​
I'm not saying I know everything about this situation - I don't care to spend time to research a product I don't own.
But if you're getting email/text notifications it's not secret.
GetOutOfTheWhey t1_iyeri7i wrote
In the article, the customer opted in for that function thats how he discovered the vulnerability.
The flaw of the function is that it needed the file to first be uploaded to their server and that the upload was unencrypted.
>Moore had enabled the option manually, which is how the security flaw was eventually discovered. By default, the Eufy app’s camera notifications are text-only and don’t have the same issue, since there’s nothing to upload.
Viewing a single comment thread. View all comments