Most smart home devices have weak security by design. Generally speaking:

  • Consumers don’t want to pay the premium for good security
  • Consumers don’t want to deal with the complexities that come with good security
  • Consumers don’t want to deal with tracking updated versions of software for their devices nor do most have the technical competence to install new releases.
  • Most manufacturers don’t support any automated mechanisms for updating software in their devices after they ship.
  • Many manufacturers bringing smart products to market have no experience in security
  • Manufacturers are all about getting their products to market sooner, and including good security takes time

In the News

A father Googled “Nest + camera + hacked” and found out that this happens frequently
Voice-activated assistants, smart TVs and app-controlled locks and light systems promise convenience. They can also enable stalking.
Using Wi-Fi extenders? Security researchers from IBM have found a critical loophole with TP-link extenders that could be leaving you exposed, so you know, it’s time to get your patch on.
The attack was reported by security researchers from Imperva, who claims that a few months ago, hackers utilized a massive botnet, containing over 400,000 IoT devices
The regular Hackaday reader no longer needs to be reminded about how popular the ESP8266 is; they see the evidence of that several times a day. But what might not be quite so obvious is that it isn’t just us hacker types that are in love with the inexpensive IoT microcontroller, it’s also popping up more and more frequently in commercial products.
Researchers from Pen Test Partners have found a way to set fire via a smart device. This time, they have experimented with the Glamoriser smart hair straightener. As reported, an adversary can break into the device mechanism and take control of the product.
Hackers operating underground are seen arming themselves for an attack on Internet of Things (IoT) devices as they see a proliferation of connected gadgets, both at homes and in the organisations in the near future.
Further, video streams of webcams are also being sold by these criminals on the dark web. The most expensive webcam streams were found to be bedrooms, massage parlors, warehouses, and payment desks at retail shops. “These video streams are often categorized thematically and sold as subscriptions.” the report added.
In a bone-chilling incident, a couple in the US was left stunned when a hacker broke into their connected home and started talking to them via camera, played vulgar music on the video system in the living room and even turned thermostat to 90 degrees Fahrenheit (over 32 degrees Celsius).
The unemployed high-school dropout who hacked nearly one million Internet routers, DVRs, and video cameras didn’t look particularly formidable in his pajamas.
Believe me, there are over 100 ways a hacker can ruin your life just by compromising your wireless router—a device that controls the traffic between your local network and the Internet, threatening the security and privacy of a wide range of wireless devices, from computers and phones to IP Cameras, smart TVs and connected appliances.
The mere thought of being spied on at home is terrifying but is far from being just paranoia in light of recent discoveries. The study carried out by WizCase concluded that several types of webcams, including IP Cameras, are vulnerable to hijacking and viewable by anyone with internet access and the right knowledge.
A simple project to study compromised security cameras drew a trio of researchers deep into an investigation of the security risks of today’s connected devices.
IoT is in no way immune to hacking. Hackers can launch DDoS attacks by infiltrating and leveraging thousands or millions of unsecured devices. They can cripple infrastructure, down networks, and as IoT advances into our everyday lives, those attacks may very well put real human lives in jeopardy. And even if hackers don’t outright threaten lives, they can compromise gateways and deeper levels of IoT networks in order to reveal and exploit sensitive personal and corporate information.
Does your refrigerator notice more than that you’re out of milk? Could your floor-cleaning robot be taking candid photos of your ankles? Is Alexa eavesdropping? Although smartphone security is everyone’s buzzword these days, hacking devices in the smart home could breach your personal security too. Being aware of vulnerabilities and staying current with security technology keeps your home a secure and private personal space.
Modern households are at greater risk of cyber-attack thanks to the growth of Internet of Things (IoT) devices.
China Targets Control Over Internet of Things for Spying, Business

China is aggressively seeking to dominate the Internet of Things and plans to use access to billions of networked electronic devices for intelligence-gathering, sabotage, and business purposes, according to a forthcoming congressional report.
We built a fake web toaster, and it was compromised in an hour.