this post was submitted on 15 Jul 2023
499 points (99.0% liked)

Technology

60123 readers
3631 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

LG to offer subscriptions for already purchased appliances and televisions, evolving into a provider for “Home as a Service”::Subscription fatigue is a thing and regulators are circling, but Korean giant reckons you're ready to cough up after buying hardware

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 21 points 1 year ago* (last edited 1 year ago) (1 children)

I have a 2017 era Samsung TV. I use it to connect to a media server that my router runs if I plug in a USB drive. This just worked so I assumed it was an open unauthenticated service.

Then I tried to use VLC running on my phone to connect and found myself presented with a login screen. When I investigated further I found the router's media server defaulted to using the the router's admin credentials.

So it looks like the TV had been programmed to try common default router creds before showing a login prompt to the user as a "convenience".

[–] [email protected] 7 points 1 year ago (2 children)

That's good UX, the real fuckup is using default admin credentials om your router.

[–] [email protected] 4 points 1 year ago

Im safe.

I changed u:admin p:admin to u:root p:service

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

I wasn't too concerned previously as my routers are only exposing their services to the local network.

I understand the view that it's a superior UX but I was taken aback that it was guessing passwords for other devices on the network.