p4ybackDec 29, 2022
Sam
The quality of this write up 🀌🏼 https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html
Turning Google smart speakers into wiretaps for $100k

I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a "backdoor" account on the device, enabling them to send commands to it remotely over the Internet, access its microphone feed, and make arbitrary HTTP requests within the victim's LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim's other devices). These issues have since been fixed.

Matt's internet home
Dec 29, 2022 at 5:08amWeb
Show threadCautionWIP πŸŽƒ+πŸ‡¨πŸ‡¦+πŸ³οΈβ€πŸŒˆ= Dec 29, 2022
@samgintz That’s a hell of a write up. And clear enough that even a non-hacker type like myself could follow it.
Show threadSamDec 29, 2022
@cautionwip that's what makes it so great! :)
Show threadCautionWIP πŸŽƒ+πŸ‡¨πŸ‡¦+πŸ³οΈβ€πŸŒˆ= Dec 29, 2022
@samgintz Mark my words, this sort of clear, accessible writing is just going to lead to more people learning about security and reporting exploits, and then what are all the zero-day markets going to do? Will nobody think of the criminal corporations that have families and..I dunno…thugs to feed?