Security Researcher Publication

Vernon Miller shared this thanks 19 days ago

Some security researchers published a paper on Tuesday (July 2, 2019) about several vulnerabilities they discovered on the Zipato platform. They indicated that Zipato had fixed the issues, but the article seemed to contradict itself because later in the article they indicated that Sebastian told them "each smart hub now comes with a unique private SSH key and other security improvements. Zipato has also since discontinued the ZipaMicro hub in favor of one of its newer products." My question is did they fix it for existing customers as well?


https://techcrunch.com/2019/07/02/smart-home-hub-flaws-unlock-doors/

Comments (5)

photo
1

And still no answer from Zipato here...

photo
1

Hello,


everything was handled before March.

More information here: https://community.zipato.com/topic/security-problem-with-zipamicro

photo
1

Thanks for your comment.

I have still two questions left:

  1. Is the Zipabox v1 (with default support of e.g. Zwave) affected?
  2. In which firmware version is the problem resolved?

photo
2

1. No, the issue did not exist on Zipabox1.

2. You can be assured that with the official firmware everything is resolved.

photo
2

I really struggle to understand Zipato's attitude to their customers. This could have been turned into a "win" for Zipato by issuing a nice official statement rather than single line responses buried in the forum.

Is it that Zipato don't care?

This forum is a joke, more spam than proper interactions, very rarely is there any help from Zipato.

photo