Thursday, October 26, 2017

A common satellite comms package for ships and oil rigs has a backdoor that won't be patched

Great. Now imagine this for every single IoT device you own. "An audit of Inmarsat's AmosConnect 8 (originally sold by Stratos Global, now an Inmarsat division) reveals that the ship-to-satellite internet product has a deliberate hidden backdoor -- and an accidental SQL code-injection vulnerability -- that allows anyone in the world to take over all, interrupt, and/or spy on the internet access on many of the world's largest ships and oil rigs. AmosConnect 8 reached its end-of-life in June 2017, and will no longer receive any patches, meaning these vulnerabilities will remain intact until all affected systems are replaced, which is to say, indefinitely. The function that grants backdoor access is called 'authenticateBackdoorUser.'"
