Desai, Ashish wrote:
If you read your own post you would realize that Mitsubishi
kept the device ipaddress prefix as 192.168.1 so only you can attack
yourself.
Well, as James pointed out already, this reply is a little silly.
But, just to be clear, if Mitsubishi had explicitly documented that this
device should only be used on a private network and had no access
controls, I don't think I'd have a problem.
However, they show a username/password box (which I'm betting is fairly
easilly circumvented if you know the right urls and can forge a cookie
on the client...) so I think it's fair game to expect them to implement
some kind of real security.
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
