>The hub communicates with the Sleep Number servers by opening an SSH tunnel and providing a reverse tunnel back to the hub that their developers can use to connect to the hub and do maintenance when needed.
Kinda interested just to see what the parameters of this are like. Is it using PubkeyAuth or just password? Is it tunnelling home via ip or dns?
If everything is just right, I can imagine the setup for the most hilarious DNS hijack in human history.
In the immortal words of Homer Simpson. Bed goes up. Bed goes down.
Wired: Since Sleep Number beds get tied to orders, break into Sleep Number, find your target, SSH into their bed, and pivot into their home network to steal their crypto wallets.
After all, everyone always hides their money under their mattress ;)
I am not a crypto bro but was the victim of a sim swap attack recently. It was really annoying but at the same time kind of funny because they literally only went after the 2FA app (Authy) once they stole my number, which thankfully didn't have anything meaningful attached to it.
>The hub communicates with the Sleep Number servers by opening an SSH tunnel and providing a reverse tunnel back to the hub that their developers can use to connect to the hub and do maintenance when needed.
Shouldn't bed owners sue them if they haven't been warned of that fact prior to purchase? Getting illegitimate access to your network and backdooring it is criminal offense right?
T&C being enforceable and acknowledged by court systems is a true failure of modern society. There should be a hard character limit on any enforceable T&C agreed to by individuals.
Kinda interested just to see what the parameters of this are like. Is it using PubkeyAuth or just password? Is it tunnelling home via ip or dns?
If everything is just right, I can imagine the setup for the most hilarious DNS hijack in human history.
In the immortal words of Homer Simpson. Bed goes up. Bed goes down.