No one said I(o)T would be easy for Amazon – as many as 13 flaws that could have had serious consequences in homes everywhere have been uncovered on its real-time OS.
The now-patched security flaws in Amazon’s OS had the potential to impact a number of devices across the Internet of Things, FreeRTOS and Amazon Web Services connection modules.
The hole in the company’s armour pretty much giving them free rule over products – giving hackers the ability to crash devices, leak the contents of their memory and run code remotely.
Amazon’s FreeRTOS and its ‘safety’-focused counterpart SafeRTOS feature are both implemented in a number of products for the home and outside of it (i.e. cars, aircraft and medical equipment).
Amazon Web Services took control of FreeRTOS' core back in November 2017.
The flaws were identified by California-based mobile security specialist Zimperium, which is currently waiting out the 30-day period to disclose the technical details required by FreeRTOS' open source license so smaller outfits can fix the issues.
With Amazon only a month ago unveiling an extensive line-up of even more IoT devices for the home, one has to wonder if its narrow-sighted take on bringing products to market without the necessary fine-tuning (in terms of both security and functionality) will lead to more of this…