A socket powered by the Internet of Things (IoT) suffers from a number of dumb security vulnerabilities. Researchers at Bitdefender Labs came across the flaws as part of their efforts to raise awareness about IoT security in the home. They found the setup process suffered from the following vulnerabilities: The devices hotspot, which the mobile app uses to connect with the socket, is protected by a weak username-password combination. All device-to-application communication is encoded but not encrypted, meaning an attacker can easily reverse the encoding scheme. Users can configure the socket to send them notifications to their email to fulfill that functionality.”]
Source: https://grahamcluley.com/smart-iot-socket-suffers-dumb-security-vulnerabilities/

