Friday, October 27, 2017

CIA-BezosPost Wants To Come Inside Without A Warrant

market-ticker |  I have a dozen ways criminals could exploit this, and they will.
You give Spamzon a means to access your house (e.g. a keypad on your door, etc.)  They now have it.
Let's enumerate a few of the ways you can get hosed:
  • The "employee" (really a contractor, by the way) for Amazon simply steals anything he or she wants in your house while making the delivery -- which you allowed them in for.
  • Your credit card gets compromised.  Said individual orders something on your card to your house, waits for it to be delivered inside and exploits said delivery, either in confederation with the person doing it or by rick-rolling them, and robs your house.
  • The access code is stolen and used to directly access your home.  It's in the cloud.  I'm sure nothing in the cloud will ever be stolen, right?  Uh huh, just like virtually every American's credit file wasn't?  And since the code used to open the door will be authorized guess what -- your high-fautin' security system won't raise a peep as your nice 60" 4k OLED TV and jewelry walk right out the front door!
These took me about 30 seconds to come up with.  A bit more thinking would, I'm sure, enumerate dozens more, all of which will be exploited immediately by those with criminal intent.
I cannot imagine how stupid you have to be to sign up for such a thing.  The "initiative" to get into your car to make deliveries is bad enough, but allowing a retailer's contractors into your home when you have utterly no idea who they are or how said access data will be secured has to rank as one of the dumbest things I've ever heard of, and if you allow it then you have just marked yourself as having an IQ smaller than my running shoes.