Internet of Things Archives

Internet of Things

Update – Virtual Vandalism: Firm Warns Of Connected Home Security Holes

February 18, 2014 Paul Roberts

[This story was updated to include response from Belkin describing its response to the vulnerabilities identified by IOActive, including firmware updates. – PFR Feb 19, 2014] A researcher with the respected security firm IOActive says that he has found a number of serious security holes in home automation products from the firm Belkin that could allow remote attackers to use Belkin’s WeMo devices to virtually vandalize connected homes or as a stepping stone to other computers connected on a home network. In a statement released on Tuesday, IOActive researcher Mike Davis said that his research into Belkin’s WeMo technology found the “devices expose users to several potentially costly threats, from home fires with possible tragic consequences down to the simple waste of electricity.” IOActive provided information on Davis’s research to the US Computer Emergency Readiness Team (CERT), which issued an advisory on the WeMo issues on Tuesday. Belkin did not […]

Snowden RSA Controversy Just One Of Many Facing Security Industry

February 17, 2014 Paul Roberts

In a little more than a week, executives from world’s leading technology firms will gather in San Francisco for the RSA Conference, the cyber security industry’s biggest show in North America. No hacker con, RSA is something akin to corporate speed dating for companies in the security industry. But, like so much else in the technology world, this year’s conference has become mired in controversy stemming from Edward Snowden’s leak of classified documents related to government surveillance. In December, Reuters broke the story that, among the documents leaked by Snowden was evidence that RSA, the security division of EMC and parent company to the conference, accepted a $10m payment from the NSA to implement what turned out to be a vulnerable encryption algorithm as the default option for its BSafe endpoint protection product. RSA, the security division of EMC, has denied the allegations that it accepted the money while knowing that […]

Internet of Dings: Verizon Shelves Home Automation Service

February 13, 2014 Paul Roberts

The news this week that search giant Google completed its acquisition of smart-home device maker NEST prompting at least one news outlet to proclaim that the “New Internet of Things Wave” has been set in motion. (Umm…new?) But there’s a cautionary note in the business headlines: news that Verizon shuttered its Verizon Home Monitoring service. Matt Hamblen over at Computerworld.com has the news and the confirmation from Verizon, which launched in 2012 and was designed to sink that company’s hooks deeper into wired homes. Verizon provided a common hardware platform for home automation and entertainment systems to plug into and talk to each other. Users could manage devices remotely from their computer, mobile device or from their televisions using FiOS TV. It comprised video surveillance, environmental control and physical security. In commercials, Verizon trumpeted it as the “ultimate 21st century green energy home control.” Verizon charged users $10 a month […]

FTC Approves Settlement Over Leaky Surveillance Cam

February 10, 2014 Paul Roberts

The US Federal Trade Commission (FTC) announced on Friday that it has approved a settlement with TRENDnet, Inc. over lax security features in its line of SecurView cameras. The FTC said on Friday that it has approved a final order settling charges against the company, whose cameras were found to be poorly secured against external attackers, who could access them and use them to spy on the homes and private lives of hundreds of consumers. [See also: Apple Store Favorite IZON Cameras Riddled with Holes] The FTC complaint stems from a February, 2012 case in which independent security analysts with the web site Console Cowboys published details on how a firmware flaw allowed authentication for Internet-connected SecurView cameras to be bypassed, giving any Internet user (with the know-how) the ability to view the surveillance camera’s live feed. The Commission first announced a settlement with TRENDnet, a Torrance, California company, in September of […]

Google Patent: Video Mob Sourcing Spots Public Gatherings

February 5, 2014 Paul Roberts

Google is adding to its arsenal of creepy, Big Data tools with crowd sourcing technology that can identify public gatherings and other events that draw spectators. The company has applied to the US government for a patent on what is described as a method for “inferring events based on mob source video,” according to the Web site Public Intelligence. The technology uses video clips submitted by Google users (to YouTube, etc.) to infer that “an event of interest has likely occurred.” The technology surveys time- and geolocation stamps on the videos to correlate the activities of individuals who might be part of a gathering. The Patent, US2014/0025755 A1, was published on January 23, 2014 and lists Google Inc. as the Assignee and Ronald Paul Hughes as the inventor. It claims the technology, dubbed “mob sourcing” will allow Google to correlate video and images to infer the existence of groups (i.e. a public […]