- High -tech sleep capsules allow Elon Musk and Doge staff
- But a researcher found safety failures, including an AWS key and remote access
- Computer pirates could exploit beds to infiltrate domestic networks and connected devices
Whatever he thinks about Elon Musk and his role leading Dogle (Government Expenses Department), he is certainly not loosening. According CablingAccording to reports, the divisive billionaire has been working long hours (as well as his staff that is apparently spending 120 hours in weeks) and is so committed to the cause of reducing costs, he has been sleeping at the Inge headquarters in the building of the executive office of Eisenhower, just at the end of the White House.
To help everyone with the inevitable fatigue, Musk has accepted a shipment of eight sleep capsules. These smart beds offer to sleep, reading and personalized positioning, snoring mitigation and come with a center to keep the fresh or cozy sleep, depending on their preference. These beds seem to have been supplied with, but they are not cheap if you want to buy them, the upper part of the Cali King 4 ultra cost costs $ 5,000 and requires a monthly subscription of $ 17 or $ 25, it is not a problem if it is a billionaire, of course.
For such a big disbursement, I would expect the beds to be safe to sleep, but now, a security researcher has claimed that the capsules have a worrying failure.
An active AWS key
Dylan Ayrey, of the safety of the truffle, discovered great vulnerability in his smart bed, exposing critical security failures in the mattress connected to the Internet of eight Sleep. The researcher says he found an active AWS key within the bed firmware that seemed to transmit data directly to Amazon.
Cavando deeper, he also discovered a remote rear door that, according to him, gives eight sleeping engineers access to each client’s bed, allowing them to execute arbitrary code without supervision. He says that the sleep patterns, detect occupation or even control the functions of the bed remotely.
Beyond personal privacy, security implications extend to entire domestic networks. With SSH access without restrictions, malicious computer pirates or experts could turn through the bed to infiltrate smart refrigerators, laptops or other connected devices. Ayrey compared the level of access to the controversial “God’s way” of Uber, a tool that the travel transport company had used to monitor users without their consent.
The AWS key was revoked shortly after Ayrey informed him, so his exact purpose is not known. “We can say for the surrounding context that the key had writing access to Kenises, but beyond that, it is not clear,” says Ayrey. “However, what we know is that an attacker could have used that key to send 5,000 ‘put’ applications per second to kinesis and accumulate an invoice of $ 100,000 per month for eight dream.”
Increased with what he found, Ayrey occurred to him his own alternative, safer and safer to the smart bed using an aquarium cooler, which he provides the same temperature control with “none of the applications, subscriptions, internet connectivity, rear put and security responsibilities of an eight dream.”
