Update: Samsung has issued a statement to us, which just expands on its earlier response. You can read it below the video.
Computer science researchers from the University of Michigan have shown how malicious apps could take control of Internet of Things devices in Samsung’s SmartThings platform – including the ability of an attacker to unlock a front door to gain physical access to a home.
The main weakness identified is that way that the SmartThings platform grants apps more privileges than needed to perform their stated functions, reports The Verge.
The researchers demonstrated this finding with a proof of concept app promising to monitor battery life on various devices. If the user agreed to let the malicious — but seemingly innocuous — app access their smart lock, the researchers could then not only monitor its battery, but perform the lock’s other functions, including unlocking the door. The researchers found 42 percent of 499 analyzed SmartApps are currently over-privileged in a similar way …