undefined | Better HN

0 pointsta12431y ago0 comments

Are you denying the existence of an authorised ssh key on each of these beds allowing the holder of the key?

Are you denying there is a config file pointing to a target called remote-connectivity-api.8slp.net?

No there's not enough evidence to prove in a court of law who has access to the private key, or that the config file is enabling a return ssh connection, but it's pretty damning.

The only thing that's not newsworthy about this is that large amounts of IOT shit does this.

0 comments

duskwuff1y ago

> Are you denying there is a config file pointing to a target called remote-connectivity-api.8slp.net?

Under the path ".ssh.endpoint", too. It's not like it's just a mystery hostname; it clearly has something to do with SSH.

> The only thing that's not newsworthy about this is that large amounts of IOT shit does this.

And - just to be clear - that doesn't mean it shouldn't be reported on! Talking about this stuff, and having concrete, specific examples, is good.

avalys1y ago

"I downloaded the firmware and I found an SSH key and a configuration file that mentions an SSH endpoint; therefore, I know that all of Eight Sleep’s engineers are allowed to remotely SSH into every customer’s bed and run arbitrary code!"

Do you not see a problem with this line of reasoning? That's literally what he says in the article, and he presents it as a near-certainty, not the wild leap of unsupported reasoning that it is.

ta1243OP1y ago

Is your argument that there may be an internal policy which restricts access to the private key to a subset of engineers?

j / k navigate · click thread line to collapse