Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Privacy Security Television

Buying a Samsung TV Online Could Jeopardize Your Data (cnet.com) 30

An anonymous reader shares a CNET report: If you buy a product from Samsung's online store, your name, address, order information and other data may be accessible to anyone who cares to look. Matt Metzger, a self-described "application security engineer" who said he has worked in shipping-industry compliance, wrote Wednesday on Medium about an accidental discovery. Metzger said he ordered a TV from the Samsung online store and was sent a URL to track his delivery. When he followed the URL, he discovered that his tracking number was the same one used for someone else's previous delivery and that he could see sensitive information, such as the person's name and items ordered, without any security measures getting in the way. Metzger also discovered that more information was attached in a TIFF file to his own order after the delivery was completed. The file included his full name, address and signature.Samsung told CNET it is aware of the issue and is looking into it.
This discussion has been archived. No new comments can be posted.

Buying a Samsung TV Online Could Jeopardize Your Data

Comments Filter:
  • by OneHundredAndTen ( 1523865 ) on Thursday March 16, 2017 @02:21PM (#54052477)
    Not in vain is Samsung known for its explosive products.
  • Another BS headline. (Score:5, Informative)

    by gfxguy ( 98788 ) on Thursday March 16, 2017 @02:49PM (#54052639)
    Probably 99% of people buying Samsung products online did NOT buy it from Samsung directly.
  • You messed up. I bought a TV for my brother from the Samsung web store in December. No indication this TV was on back-order. I got no status updates for weeks. Finding your order status if you chose not to create yet another account is a chore the first time. The only positives that came from it were the fact that I *was* able to order without an account, and that they upgraded our Black Friday model 6290 to a 6300. It almost made up for the experience.
  • don't worry if your personal data is made accessible online. You should only worry that your home is easily accessible to the fire brigade. It is a Samsung product, after all!
  • by PPH ( 736903 ) on Thursday March 16, 2017 @04:02PM (#54053065)

    I buy all my AV gear out of the back of vans in parking lots.

  • by Anonymous Coward

    This is an absurd article.

    Having just bought a TV from Samsung, This is one of many shippers that Samsung uses. It is no different from UPS, FedEx, or any other shipper. The IDs sometimes get re-used, and that will include some identifiable information.

    This is in no way Samsung's fault... Any more than anybody else that uses this shipper.

    Sheer click bait.

    Should AGI fix their tracking system to be more secure? sure. Does it have anything to do with Samsung? No, not really. I mean, as a customer Samsung shoul

1: No code table for op: ++post

Working...