According to the network arstechnica reports, Samsung smart home system loopholes can make remote hackers to attack a user's residence, in any place can open the door lock is connected with the system. Several scholars at University of Michigan for the world's leading Internet of things platform - Samsung Things Smart system designed a number of proof of concept virus, the door lock on the attack is one of them. The Internet of things platform allows users to connect with the door locks, temperature regulators, ovens and security systems in the home. By acquiring the Things Smart system and the related App (token Oauth) to be the real user. Once the user clicks on a similar link to the HTTPS agreement with Samsung official login page, you can get the user's user name and password, and to use the device for remote attacks.
Researchers said that the Samsung Home Smart system itself exists two vulnerabilities, so that the researchers can attack it, and these two vulnerabilities are difficult to repair. They also point out that consumers should be careful about whether to use the system to connect with the door locks at home and other items that are guaranteed to be safe.
Researchers will be in 2016 IEEE Security & Privacy conference was to make a report, which states that: "these vulnerabilities may cause homes were broken into, stolen, users get the false news and user property damage and so on threats, but also threatened and not a device but all users."
Samsung smart things official response says OAuth mechanism of vulnerabilities have been fixed, but because it did not point out where the leak, and application procedures of the smartapps store indeed can makes remote attack established the fact that constantly conceal, so repair vulnerabilities reliability remains questionable.