Comments (1)
ide
commented on May 17, 2024
Cool find, thanks for sharing. Reading through the technical details I think this shows that faking the server is too hard to be worthwhile -- you need to install custom firmware on your WiFi router so that you can reroute traffic sent to Google DNS and instead spoof the DNS response.
The second thing is that the Dash button might one day validate the SSL certificates from the server it thinks is parker-gateway-na.amazon.com. It sounds like the Dash button doesn't validate them at all (which actually seems OK in this specific scenario -- the worst an attacker could do is make your Dash button light turn green) but if Amazon changed that then the Dash button wouldn't connect to the fake HTTP server anymore.
from dash-button.
Related Issues (19)
- node-gyp rebuild fails on Lubuntu 16.04 HOT 1
- An in-range update of nullthrows is breaking the build 🚨 HOT 2
- An in-range update of prettier is breaking the build 🚨 HOT 13
- An in-range update of rimraf is breaking the build 🚨 HOT 3
- Deprecated errors on install HOT 1
- An in-range update of @typescript-eslint/eslint-plugin is breaking the build 🚨 HOT 27
- An in-range update of @typescript-eslint/parser is breaking the build 🚨 HOT 27
- An in-range update of babel7 is breaking the build 🚨 HOT 22
- An in-range update of @types/node is breaking the build 🚨 HOT 36
- An in-range update of @types/yargs is breaking the build 🚨 HOT 2
- An in-range update of eslint is breaking the build 🚨 HOT 7
- An in-range update of yargs is breaking the build 🚨 HOT 1
- An in-range update of @types/jest is breaking the build 🚨 HOT 7
- An in-range update of prettier is breaking the build 🚨 HOT 2
- An in-range update of eslint-config-universe is breaking the build 🚨 HOT 4
- New Amazon Dash buttons not detected HOT 5
- SyntaxError: Unexpected strict mode reserved word HOT 1
- import is not a feature in Node 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dash-button.