Even yours exercise equipment Protected by security features. Products reports Pens Test Practitioners’ Jan Masters he found error with Peloton security that allows attackers to capture information, including user information (such as age and weight), location and physical statistics. The researcher found that you could create unsafe apps on the Peloton app to retrieve someone else’s information, even if they have secretly lost their account.
The problem has already been fixed, but only a little later. Masters said he secretly revealed the wrongdoing on January 20, but was not answered until he reached out to reporters 90 days later (as is the case with security). Peloton has quietly released a half-plan on February 2 to just get a chance to use only the users – anyone with members can keep an eye on your profile. Peloton “resolved the issue within a week.
It is unknown at this time what he will do after leaving the post.
The company is ready to change its approach, at least. Prophet Amelisa Lane said Products claiming that Peloton was a “slow reformer” to the Masters of his efforts to address insecurity. The company will strive to “work collaboratively” with security analysts in the future, Lane added.
There is a possibility that your data was not affected. However, this underscores the importance of obtaining exercise information. This experience also highlights the need for honest reporting on risk as well bug bounty software. It is not enough for security experts to present a story in the black box – they need to know that the company is aware of its flaws and uses corrective measures.
All sales selected by Engadget are selected by our publishing team, independent of our parent company. Some of our articles include helpful links. If you purchase one of these links, we will be able to make a donation.
Source link
