A Hacker Talks Security, Consent, and Why He Hacked a Buttplug(gizmodo.com)
gizmodo.com
A Hacker Talks Security, Consent, and Why He Hacked a Buttplug
https://gizmodo.com/buttplug-hacker-talks-security-consent-and-why-he-hac-1837252628
6 comments
I know nothing about how Electron works but from that line what I read is that, even though Electron has a sandbox, it was disabled at build time for that application.
Given that it has to interface with a low-level dongle over some presumably raw protocol that Windows would have blocked, I would not be surprised if the devs just gave the app more and more permissions until it worked and called it a day.
> You can compromise the sex toys in the same way because, again, they don’t prevent you from just uploading your own code.
To the plug? If you have a programming device or the firmware enables it. I don't think this should necessarily be changed in the interest of open firmware. Sure, a client app probably focused on threats from the other direction, even if this application strongly hints at the dangers from the backside. Or maybe that motivated a relaxed approach in the first place. And if the vulnerability is in the SDK from the BT-chip, the plug developer isn't even the culprit.
To the plug? If you have a programming device or the firmware enables it. I don't think this should necessarily be changed in the interest of open firmware. Sure, a client app probably focused on threats from the other direction, even if this application strongly hints at the dangers from the backside. Or maybe that motivated a relaxed approach in the first place. And if the vulnerability is in the SDK from the BT-chip, the plug developer isn't even the culprit.
Chuck Tingle title imitating life again.
I guess he found a backdoor?
This is the first I've heard of electron running without a sandbox. If this is correct, then the security implications are much wider than just sex toys; I had (perhaps naively) presumed that since electron is chromium-based it shared the chrome sandbox strength.