Samsung's SmartThings ecosystem expands more and more - just think of integration with the zigbee products announced in November - but it seems that Soul's house must pay more attention to the theme of safety, at least according to a recent Techcrunch report.
A report published by Spidersilk is mentioned, a company that operates in the field of cybersiculia, in which it is reported how some Samsung employees have mistakenly led some important information regarding SmartThings.These contain the source code and the encryption keys of the mobile application dedicated to the management of connected devices.
The data escape would take place due to the little attention paid by some engineers, who would have left public access - even without passwords - to the projects available on Gitlab.Within these there would be several details that even include analytical data of Bixby and SmartThings, in addition to the access data to the accounts of some employees, saved in clear within simple text files.These made it possible to consult further private projects, offering access to the signing certificates of the Android versions and iOS of..
According to reports, the case was reported to Samsung already last April 10, but the company did not remove the keys from Gitlab until April 30, or 3 weeks after having become aware of it.