Two college students claim to have discovered and reported earlier this year a security hole that permits anyone to forego paying for laundry services rendered by more than a million internet-connected washing machines prevalent in dorms and on college campuses worldwide.
Following repeated denials by the vendor, CSC ServiceWorks, to address the issue, the vulnerability is still unfixed months later.
TechCrunch was informed by UC Santa Cruz students Alexander Sherbrooke and Iakov Taranenko that their vulnerability enables anyone to remotely control CSC-powered laundry machines and perform free laundry cycles.
Sherbrooke claimed that early one January morning, he was sitting on the floor of his basement laundry room, holding his laptop, and that he was “suddenly having a ‘oh s—’ moment.” Sherbrooke had zero money in his laundry account, but he used his laptop to execute a script of code that told the machine in front of him to begin a cycle. With a loud beep, the machine woke up right away and flashed “PUSH START” on the display, meaning it was prepared to wash a complimentary load of laundry.
Also Read:
Support Industry Sustainable Report for Even
The OnePlus Nord 4 and CE 4 Lite may Launch in June, According to a Report