Email or username:

Password:

Forgot your password?
Top-level
propapanda :verified:

@foone it would have made very little difference if they shipped a key instead of a password, but these people clearly don't know what they are doing

3 comments
Foone🏳️‍⚧️ replied to propapanda

@panda could have individual keys per device and revoke them as the devices leave service. as it is, they can't do that without changing the passwords on every device

propapanda :verified: replied to Foone🏳️‍⚧️

@foone they totally could have and instead of ssh they could have used mqtt with some basic acls which would have prevent reading other people's location, but also save the overhead of the ssh handshake

Ash_Crow replied to Foone🏳️‍⚧️

@foone @panda if they left the devs' .bash_history copied on every device what are the chances that they used unique SSH keys?

Go Up