• perviouslyiner@lemm.ee
    link
    fedilink
    arrow-up
    14
    ·
    edit-2
    1 year ago

    When a report came out on car security, one thing which stood out was how any technician of any of the client car manufacturers could just browse through gps data, cameras etc for millions of customers’ cars.

    One of the many ways they found out was because one system accidentally gave access to customers as well as techs (pro tip: remember to check group membership when doing LDAP authorisation!)