Attention Pi-Star (digital hotspot Raspberry PI operating System) Users:
PLEASE change your default passwords before exposing your pi-star to the internet. As in, GO DO IT NOW.
It takes less than 2 minutes for a hacker to query for open-to-the-internet pi-stars (CLICK HERE FMI), randomly pick one, use the default creds, and get a remote SSH shell into your home network. You’re basically locking your front door but leaving a window open. Once inside your home network, the hacker can sniff your traffic, spoof your identity, and do a whole host of other stuff. Getting into a network is the hard part, and you’re leaving it wide open.
Oh also, since your callsign is on it, a hacker can not only do stuff from your home internet, but knows where your home is and can impersonate you by name!
This only affects you directly if you have the “Dashboard Access” or “SSH access” set to public, but you should change the password either way.