Intelligent sound box regards the most popular content couplet net on market as one of equipment, its security also gets even more the attention of people.
Recently, group Tencent Blade Team discovers Tecent safety and reported sound box of intelligence of Gu Ge Home many brand-new flaw, be in need not the user is interactive the success below the circumstance defeats solution. Group of cereal song safety for a short while express one's thanks to affirms this flaw is flaw of Gao Wei safety, this also is Gu Ge Home affirms first times external without flaw of osculatory breach safety.
Go up in DEFCON of global hacker congress before this, tencent Blade Team returned the spot to demonstrate how black into Yamaxun Echo sound box, realize long-range control, eavesdrop, recording. It is reported, element has " hacker world cup " the Mobile Pwn2own that say will in November the middle ten days of a month kicks off in Japan, although Tencent Blade Team did not take part in the match, take Yamaxun successfully already however Echo and Gu Ge Home the item of race of content couplet network with these two top integral.
From Yamaxun Echo arrives Gu Ge Home
Tencent Blade Team founds by ministry of Tecent safety platform, devote oneself to safety of technology of Internet forward position to consider, content couplet net is one of direction of its stress research. This year in August, they head sent pair of Yamaxun the research achievement of Echo of intelligent sound box, achieved the broken solution to Echo through a variety of means. Because its are broken the Gao Heying that sees difficulty is noisy of limits big, drew the wide attention of domestic and international numerous and safe expert.
Compare Yamaxun Echo, gu Ge Home was used completely different operating system and more the safety of high strenth defends mechanism, still have no a group to use flaw to carry out baleful code implementation not to have osculatory breach on Gu Ge Home up to now. And the flaw that this Tencent Blade Team discovers, can make aggressor long-range below certain condition implement baleful code, be in need not any users are interactive data of filch of the implementation below the circumstance and privacy, become silent recording.
Be worth what carry is, the Yamaxun of successful breach of Tencent Blade Team Echo and Gu Ge Home, happen even if be about to open contest this year " hacker world cup " on Mobile Pwn2own, items of two integral and top race of content couplet network.
Pwn2own is held from 2007 up to now, it is a whole world the hacker contest with the famousest, the most rich and generous bonus, through the hacker attack challenge perfects oneself product. The Mobile Pwn2own contest that was about to hold in Japan this year in November, besides traditional smartphone, added IoT match item first, included the Yamaxun with global at present highest sales volume among them Echo and sound box of intelligence of Gu Ge Home, although Tencent Blade Team did not take part in the match, but sex of the look up before defeating solution to also show those who go up to its study in content couplet net undoubtedly ahead of schedule and excellent actual strength.
Safe path still shoulder heavy responsibilities
Current, tencent Blade Team has reported to Gu Ge this flaw detail, group of cereal song safety for a short while express one's thanks to affirms this flaw is flaw of Gao Wei safety, express to will be pushed in near future all fronts at the same time send safety to update. It is reported, this flaw affects sound box of intelligence of Gu Ge Home not only, still affect a lot of heavyweight software of operating system of current and all mainstream, tencent Blade Team also will report according to responsible flaw flaw repair program reports related flow general other accepts influence firm, facilitating manufacturer is in new version repair flaw.
As the swift and violent development of Internet science and technology, the life of people with each passing day intelligence, but corresponding safe research is far however did not reach the level that develops speed and dimensions photograph to match with its, safe path still shoulder heavy responsibilities. This also is the reason place that ministry of Tecent safety platform establishs Tencent Blade Team.
In two years of time in the past, tencent Blade Team had discovered the many international such as Gu Ge, apple, Yamaxun, Microsoft are famous manufacturer 80 many safe flaw, those who get Internet industry, manufacturer and international safety community is extensive approbate. They aim to pass these to attack the research that defends a technology to Internet forward position, elevate an industry safe consciousness while, also be enterprise safety strategy ahead of schedule layout provides important reference.