Update your Google Home and Chromecast ASAP, Google to roll out fix
19 June, 2018, 15:39 | Author: Rafael Roberts
If the URL is clicked and the webpage is kept open for around a minute, the user's home Global Positioning System location is found - and subsequently exploited.
Google is planning to release a patch for a worrying IoT security vulnerability that can enable precise location tracking of Home speaker and Chromecast users. IP address lookups can also offer your whereabouts, but can usually only pinpoint your location within several miles.
Young said a demo he created (a video of which is below) is accurate enough that he can tell roughly how far apart his device in the kitchen is from another device in the basement.
Young says he was only able to test the flaw in three different locations, but in each case, the location obtained by the website corresponded to the right street address. These can then be cross-checked using Google's location services to get an accurate location.
The trick, Young said, is made possible my analyzing signal strengths for surrounding Wi-Fi networks and then triangulating a position based on mapped Wi-Fi access points. For example, this sort of specific location data could easily be used in "blackmail or extortion campaigns", potentially making them more effective by giving more credibility to the threat. When the researcher initially filed a bug report to Google describing the issue, the company dismissed the report, closing it with the message "Won't Fix [Intended Behavior]". According to Krebs on Security (via The Verge), Google will fix the problem with an update in mid-July.
The issue is that Home and Chromecasts don't require authentication for commands that come over your local network.
A much easier solution is to add another router on the network specifically for connected devices.
The only way to completely mitigate the risk of being tracked by these kinds of devices is to disconnect them, according to Young, although using professional network segmentation or a separate router for connected smart-home items can help thwart attacks.
Then, you can exchange Intel's processor for AMD's much more powerful one, provided you still have it in the box. For those that did win a processor, AMD is offering up a tantalizing deal to rain on Intel's parade.
Tidal swapped its weekend exclusive on Jay-Z and Beyonce's album for a new exclusive, a single from the Carters called Salud . In the song, the Grammy victor referenced how she has yet to release Lemonade to the streaming service.
Francis made the comparison in a long, off-the-cuff address to a members of a confederation of Italian family associations. The pope also declared that the only family in the eyes of God is a heterosexual partnership.
If someone sends you a link in a chat - or if you send them a link - Messages will give an inline preview of that link's contents. The first signs of Messages for web were spotted back in February , when mentions of the service cropped up in the Android app .
The attacker, who was dressed in black and wore a veil, was subdued by the supermarket staff and later handed over to the police. The 24-year-old perpetrator, who was born in France , hadn't been previously known to the intelligence services.
According to The Sun Online , the contestants actually get paid just £2.80 an hour while they appear on the show. LOVE ISLAND is set to sizzle this summer as the starting line-up of sexy singletons is unveiled.
He also said that the influx of migrants has badly affected the social and criminal situation in the country. The shots caused bystanders to scream but police quickly said there was no reason for the public to worry.
Eleanor Smeal, president of the Feminist Majority, speaks as protesters block the entrance of the headquarters of U.S. She lashed out the media and activists for criticizing border agents for doing their jobs.
Harry Kane rescues England with late victor against Tunisia
But if you scratch beneath the surface with England , you will not find much depth in the goal scoring department outside of Kane. With Alli, Sterling and Lingard playing in advanced roles behind Kane, the responsibility lies with them to step up to the plate.
South Korea, US suspend Ulchi Freedom Guardian exercise
In return, Trump said he would stop joint military drills with South Korea , long seen as a provocation by Pyongyang and Beijing . Trade Representative to prepare new tariffs on $200 billion in Chinese products, a move swiftly criticized by Beijing .
Apple fined $9m for misleading customers
The Australian Competition and Consumer Commission (ACCC) claimed that Apple misled its customers about warranty rights. Apple has offered to compensate about 5000 customers whose devices were disabled by "error 53".
Why isn't Wayne Rooney at the World Cup?
Tunisia equalized in the 35th when Ferjani Sassi converted a penalty, shooting beyond the diving Jordan Pickford . England had penalty claims of their own turned down before struggling to maintain their intensity after halftime.