Admittedly below our already not high expectations for a WiFi accessible space heater:
An unverified OTA update process in a Govee smart space heater—using HTTP with weak integrity checks (a simple checksum and HMAC with a hardcoded key)—allows MITM attackers to inject modified firmware, enabling arbitrary control or bricking. Exposed debug interfaces with weak credentials compound the vulnerability.
https://blog.includesecurity.com/2025/02/replacing-a-space-heater-firmware-over-wifi/
P.S. Of the U.S.’s top five trading partners, Canada was the only country with whom the U.S. had a trade surplus in manufacturing (US$33 billion in 2023).
Canada buys more from the U.S. than any country on earth — more than U.K., France, Germany, Italy and Vietnam combined.
And they are already taking wines from "red states" off provincial liquor store shelves.
Congratulations to the new American administration, achieving something no Canadian politician has been able to - rallying the entire country around the flag.
Uniting BC's left wing Eby, Ford's right wing Conservatives, Trudeau/Carney's centrist Liberals, even separatist CAQ François Legault saying Quebec must stand together with the rest of Canada and fight (!!!).
I don't think we have seen ALL of Canada synchronize and unify like this to respond to a threat since WW2.
