• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
TechEngage

TechEngage

Technology news and opinions

  • Tech News
  • Reviews
  • How-to
  • Science
    • Energy
    • Environment
    • Health
    • Space
  • Apps
  • More
    • Opinion
    • Noteworthy
    • Roundups
    • Culture
    • Blockchain
      • Cryptocurrency
    • Events
    • Deals
    • Startups
      • Startup Submissions
  • Videos
  • Login
Consumer Electronics, IoT, Security

Your home can be smart or secure, but probably not both

Avatar for Jessica Baron, PhD Jessica Baron, PhD Updated: April 22, 2019

A photo of iPhone 8 Plus with Google Home Mini and a power extension plugged in socket showing smart and secure home
Photo by Thomas Kolnowski on Unsplash

We’ve heard over and over again that the Internet of Things and the connection of devices poses security risks. While having your thermostat, lights, televisions, security cameras etc. hooked up to your smartphone may seem like the ultimate convenience, it can also pose serious risks to your privacy and safety.

A new report from the University of Edinburgh warns that devices managed remotely need better consumer protections against a variety of security risks. Researchers have suggested that manufacturers of smart devices should take steps to protect their users from design flaws, app weaknesses, and phishing schemes.

Edinburgh researchers presented the suggestions at the 2019 IEEE International Conference on Pervasive Computing and Communications in Kyoto, Japan in March.

Their research showed multiple flaws in the design of home systems that not only allow hackers to steal passwords and other private data, but also to interfere with the operation of smart devices. While a hacker turning on your lights in the middle of the night might not seem like a life or death situation, turning machines on at random times, overheating them, or spying through cameras can lead to both physical and emotional damage to victims.

When assessing the security of the popular Belkin WeMo, the researchers found that it contained design vulnerabilities that allowed hackers to access its controls over home WiFi networks.

The researchers were also able to use the app to connect a fake device to a smart home ecosystem, making it appear like a legitimate smart appliance in a person’s home. While a fake device might not seem like much of a threat, it poses a risk for phishing schemes in which users who log in and explore the fake device or allow it access to WiFi inadvertently can give hackers access to their passwords and account details.

While the Belkin WeMo isn’t the only smart home device with security issues, the company does have a history of security failures. In 2014, Carnegie Mellon’s CERT Coordinate Center found multiple vulnerabilities in the system, prompting warnings to unplug the devices when Belkin did not respond promptly (they have subsequently responded and patched those issues).

In 2016 HOTforSecurity, a blog run by security firm Bitdefender, announced another WeMo vulnerability when it found enough plain-text (non-encrypted) data to allow savvy hackers to reverse engineer device protections, though the company brushed it off, saying that devices were only vulnerable during initial set-up and that many other devices had the same vulnerabilities.

McAfee researchers reached out to Belkin in 2018 after discovering more security vulnerabilities that allowed hackers to turn devices on and off and overload switches. The most recent Belkin security advisory was issued shortly after, but merely stated that
“Wemo is aware of this vulnerability from Doug McKee AKA ‘fulmetalpackets’ and researchers at the McAfee Labs Advanced Threat Research. We have been working together to address the exploit and plan to release firmware in the coming month.”

The smart home market is forecasted to be worth over $40 billion by 2020, according to Statista, but other sources estimate double or triple the value. In the end, that valuation might depend on just how safe smart home companies can keep us.

According to Pete Staples, President and Co-Founder of Blue Clover Devices, in a post on Quora:

“While rapidly developing legislature is working to protect users, the regulatory system just can’t keep up with the tech industry’s rate of innovation. Ultimately, it’s up to users to decide how much they want to risk in this melee.”

So while the privacy news is bad (for now), the good news is you get to choose: convenience or security?

This post was orginally published on: March 25, 2019 and was updated on: April 22, 2019.

Related Tags: SecureHome Security SmartHome

Related Stories

  • Cybersecurity awareness tips for employees in 2021

    Cybersecurity awareness tips for employees in 2021

  • Hackers can use a WhatsApp video call to hack your phone

    Hackers can use a WhatsApp video call to hack your phone

  • RIP Google Chromecast Audio

    RIP Google Chromecast Audio

Avatar for Jessica Baron, PhD

Jessica Baron, PhD

Former Editor-in-chief

I am a technology writer and tech ethics consultant whose work has appeared in international news and trade outlets. I have a PhD in History and Philosophy of Science and write about everything from future military weapons to advances in medicine.

Reader Interactions

Join The Discussion: Cancel reply

Please read our comment policy before submitting your comment. Your email address will not be used or publish anywhere. You will only receive comment notifications if you opt to subscribe below.

Primary Sidebar

Become a contributor

We are accepting contributor applications. All applications will be decided in 3 days after applying. To learn more click here.
TechEngage-Apple-News
TechEngage-Google-News

Recent Stories

  • 6 best car scratch removers on Amazon for 2021
  • Best iPhone 12 and iPhone 12 Pro wallet cases for 2021
  • Best video game consoles to buy on Amazon in 2021
  • Best gaming mouse in 2021
  • Best soft couch covers and sofa slipcovers on Amazon for 2021
iPhone 11 Pro

Best Smartphones of (2021)

top background apps

Best Wallpaper Apps Android 2021

Windows 10 official wallpaper

How to upgrade to Windows 10 from Windows 7

Apple One service

How to get Apple One on your iOS device

Footer

About Us

  • Advertise
  • Send us a tip
  • Startup Submission Questionnaire
  • Community Guidelines
  • Corrections Policy & Practice
  • Contact us

Discover

  • About
  • Newsroom
  • Advertise
  • Brand Kit
  • Partners
  • Staff
  • Our Ethics
  • Publication Principles
  • Contact us

Legal Pages

  • Reviews Guarantee
  • Community Guidelines
  • Cookies Policy
  • Comments Policy
  • Our Ethics
  • Disclaimer
  • GDPR Compliance
  • Privacy Policy
  • Terms and Conditions

Download our apps

TechEngage-app-google-play-store

Copyright © 2021 · All Rights Reserved · TechEngage® is a Project of TechAbout LLC.
TechEngage® is a registered trademark in United Kingdom under Trademark Number UK00003417167 and is ISSN protected under the ISSN 2690-3776 and OCLC Number 1139335774.