CloudEngines Plugs Security Flaw in Pogoplug with Firmware 2.1
In my original Blog Post entitled Beware the Pogoplug I pointed out a rather serious security hole in the Cloud Engines‘ Pogoplug device. That security hole allowed public SSH access into the device, as long as the device was reachable over the Internet or a Wi-Fi connection. CloudEngines’ even published the root password you needed to access the device. That’s been fixed now. Enter Pogoplug Firmware 2.1 Introduction: By default now, the Pogoplug has SSH access disabled. This is a welcome improvement and is the single biggest issue I had with the old firmware. I wholly support vendors giving us root-level SSH access to our devices. It frankly makes them much more useful and interesting to people like...