smart home Archives

smart home

IT Pros: Internet Of Things Is A Governance Disaster

November 8, 2013 Paul Roberts

Not that we needed a survey to tell us this: but IT pros are seriously concerned about the risks posed by all the IP-enabled devices that are starting to connect to their corporate networks. That’s the conclusion of a survey of 2,013 members of ISACA, a worldwide association of information security professionals, which found almost unanimous agreement that the Internet of Things poses a governance problem for their networks, with increased security threats the most oft-cited governance issue raised by IoT adoption. The survey (PDF) also polled 4,000 consumers in the U.S., U.K., India and Mexico, finding that IT professionals were less sanguine than consumers about the transformative potential of the Internet of Things for enterprises. Just four in 10 agreed that the benefits of IoT adoption outweighed the risks, while half of the ISACA members polled felt that the benefits of IoT to consumers outweighed the risks. Around a quarter of […]

Is A Nest Botnet In Our Future? A Conversation With IoT Researcher Daniel Buentello

October 31, 2013 Paul Roberts

Daniel Buentello is one of the top security researchers out there looking into the security of common, consumer products that are part of the growing “Internet of Things.” Most recently, Buentello has been making the rounds of security cons with a presentation he calls “Weaponizing Your Coffee Pot.” The talk, which Bountello presented at the recent DerbyCon hacker conference in Kentucky and at ToorCon in Seattle in July. That talk was something of a call to arms for security folk to start poking around the growing list of IP-enabled consumer products. Buentello notes that most – including products from large firms like Belkin are insecure by design and in deployment. As we noted when we wrote about Buentello presentation early in October, the interesting stuff here is Daniel’s methodology for reverse engineering the software that runs these commercial developments, which offers something of a blueprint for others to follow. More recently, Buentello turned his gaze to […]

Exclusive: Apple Store Favorite IZON Cameras Riddled With Security Holes

October 24, 2013 Paul Roberts

It’s another day, another face-palm moment for the home surveillance camera industry. Just one month after the Federal Trade Commission (FTC) settled a complaint with the maker of SecurView, a line of poorly secured home surveillance cameras, a researcher at the firm Duo Security has found a slew of even more serious security holes in the IZON Camera – a popular product that is sold in Apple Stores and Best Buy, among others. A review by The Security Ledger found dozens of such systems accessible via the public Internet, in some cases allowing anyone to peer into the interiors of private residences and businesses. Mark Stanislav, the Security Evangelist at the firm Duo Security, presented the details of a security audit of the IZON camera at a security conference in New York on Tuesday. Stanislav documented troubling security lapses including a wide-open configuration with exposed ports for accessing the device […]

Video: Weaponizing Your Coffee Pot

October 7, 2013 Paul Roberts

The third annual DerbyCon wrapped up last week. Alas, I wasn’t able to make it down to Louisville, Kentucky and don a pork-pie hat with the smart people there. Still, there were some great presentations, and most of them are available online. One worth checking out if you’re into the Internet of Things hacking -thing is Daniel Buentello’s (@danielbuentell0) presentation of “Weaponizing Your Coffee Pot.” This is a repeat performance for Daniel, who also presented it at the ToorCon Conference in Seattle back in July. The first half of this talk is a high level overview of IoT and the security implications thereof. Mostly this is stuff you’ve read on this blog before. In the second half, Daniel goes down into the weeds on hacking a couple of classic IoT devices: Belkin’s WeMo IP enabled power outlet and Nest’s iconic thermostat. Without getting into all the details (its worth watching […]

IDC: 30 Billion Autonomous Devices By 2020

October 7, 2013 Paul Roberts

The official “numbers guys” (and gals) of the technology business over at IDC have just come out with a new report on The Internet of Things and it has some eye-popping numbers. Top among them: an (estimated) 30 billion autonomous “connected things” deployed by the end of this decade. The report, “Worldwide Internet of Things (IoT) 2013-2020 Forecast: Billions of Things, Trillions of Dollars” is a market outlook for the IoT ecosystem, which IDC says comprises “intelligent systems, connectivity services, platforms, analytics, and vertical applications” it also includes professional services and security for IoT infrastructures. While IP-enabled things aren’t exactly “new,” the IoT is being driven by factors that haven’t been common previously, namely: ubiquitous, wireless Internet connectivity, regardless of location, notes IDC analyst Carrie MacGillivray. IDC says the trend lines are pointing up in a serious way, with IoT related economic activity to grow at a 7.9% compound annual […]