How this blog started, because I own a Homematic "Smart Home" control unit.

Testing is my passion. Sharing knowledge is my contribution.
Every family has a skeleton in the cupboard.
And I like to burn down software from testers point of view. Developers ….they “(dis)like me” :-)
For CVE submission and publication an external reference with CVE detail description is required.
Finally my blog was born.

By August 2019, I have reported 19 vulnerabilities in the firmware of my smart home system called ‘Homematic CCU’ from vendor eQ-3 AG and depending on installed addon software packages there are at least 5 more bigger vulnerabilities.
My fingers are already tingling and showing the partly low and partly heavy attack vectors and how to combine them wonderfully will not save the world, but show that security by design is not boring, but very important.

Written on March 27, 2019