An unchanged credential allows anyone to virtually control door locks and elevators at dozens of apartment buildings across North America, a security researcher found.
This. Apartment building doors being unlockable exposes you to the same risk as the extremely troubling technique of clicking every number and shouting “Amazon delivery!”.
Remote access to FOB logs is much worse, though. And somebody needs to explain to me how these installers managed to somehow enter all the real names of the building tenants into an online-facing listing but not change the default password.
I mean, granted, that also is the same level of exposure as with the “get in there and look at the mailbox” exploit, but at least you have to physically go to the place for that, you know?
This. Apartment building doors being unlockable exposes you to the same risk as the extremely troubling technique of clicking every number and shouting “Amazon delivery!”.
Remote access to FOB logs is much worse, though. And somebody needs to explain to me how these installers managed to somehow enter all the real names of the building tenants into an online-facing listing but not change the default password.
I mean, granted, that also is the same level of exposure as with the “get in there and look at the mailbox” exploit, but at least you have to physically go to the place for that, you know?