Tagged: IoT Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 9:00 am on November 8, 2019 Permalink | Reply
    Tags: , , , IoT, ,   

    Is your Ring doorbell at risk of attack? 

    Is your Ring doorbell at risk of attack?

    Ring Doorbells have become very popular over the past few years. Not only does it offer the convenience of knowing who’s at your door while you’re not home, but it also records any interaction that occurs at your front door. With the assistance of Ring Doorbells, all sorts of interlopers have been caught ranging from porch pirates to home intruders. They’ve become so popular and ubiquitous that police stations around the country are recommending residents install one and become part of a police network of cameras. So, it should come as no surprise that bad actors may want access to your camera.

    Amazon, owners of Ring, recently announced that there was a vulnerability in Ring Doorbells that could have exposed your wifi password to attackers. During the authentication process, the communication between your doorbell and the was unencrypted leaving your wifi password open in plain text and potentially available to hackers. While any attack wouldn’t be able to control the camera itself, once your home wifi is vulnerable an attacker could compromise any number of systems especially if you have a number of smart home or internet of things (IoT) devices.

    Thankfully, Amazon patched this vulnerability before they made it public knowledge. That’s not even taking into account that any attack against the doorbell would have to happen at the precise moment of authentication and the attacker would need to be in range of your home wifi. The chances of a hacker being on your property at the time of authentication are very slim. However, this does show that no smart home or internet-enabled security device is foolproof. When purchasing such a device, do your research in finding out which ones are the most secure and which ones receive regular updates from the manufacturer. Otherwise, you could be as secure as leaving your front door unlocked.

     
  • Geebo 8:04 am on October 21, 2019 Permalink | Reply
    Tags: , , , IoT, , ,   

    Smart home camera hacked in baby’s room 

    Smart home camera hacked in baby's room

    A California CEO has written a column for The Mercury News where he relays the tale about how his smart home camera system was hacked. It is quite a rather harrowing tale as the digital vandals used the speaker on the camera in the baby’s room to harass the family’s nanny. The anonymous voice on the other end of the camera was using profanity and even threatened to come take the baby at one point. It wasn’t until all the cameras were disconnected did the harassment stop. The father later found out that this is a fairly common occurrence with internet-connected cameras, specifically the brand that he was using.

    The father then tried contacting the technical support arm of the corporation that manufactures the cameras and was on hold for over an hour. He also received emails that continued to push the idea of two-factor authentication to keep out would-be pranksters. The father was not satisfied with this response and has vowed not to use this brand of camera ever again. His outrage can be understood especially for parents with young children because you can never truly know who is watching your home while you’re unaware. A more sophisticated criminal could use such information gleaned from home cameras to tell when a home may be vulnerable to being robbed.

    While the camera maker’s customer service may sound a little tone-deaf as far as the father’s mistrust is concerned, their advice about two-factor authentication is not wrong. 2FA, as it’s known, can go a long way in preventing these cameras from being hijacked. Also if you use the same password across multiple services you could be compromising your security greatly by making it easy for hackers to gain access to your devices. In this case, you may want to try some of the more reliable password managers out there. As we have said before, if you don’t take your internet security more seriously, it’s like having the most expensive lock that you just leave the key in.

     
  • Geebo 8:00 am on October 7, 2019 Permalink | Reply
    Tags: activation fee, , Amazon Echo, , Google Home, IoT, , , virtual assistant,   

    Beware the activation fee scam for new devices 

    Beware the activation fee scam for new devices

    In the past, we’ve discussed a couple of scams that could affect new owners of such devices like the Amazon Echo or the Google Home. The first was using unofficial apps to help you get your device activated. The second was using your virtual assistant to look up phone numbers for you which could result in being connected to scammers posing as services you may not use that often. Now, the Better Business Bureau (BBB) is reporting a new scam that could affect new owners of these devices and this scam could cost users money.

    This new scam kind of resembles the unofficial app scam. The difference with this scam is with fake phone numbers posing as technical support for many of these devices. If someone were to do a web search looking for a technical support number for one of these devices the number that appears may not be that of the company who made the device. Instead, it may belong to scammers who are going to try to get you to pay an ‘activation fee’ while posing as companies like Amazon and Google. This scam not only applies to devices like this but to many other services as well such as anti-virus and printer support just to name a few.

    If you have technical trouble setting up any kind of device or service it is always recommended that you go to the manufacturer’s or distributor’s website to locate the proper customer service number. Scammers will use search engine optimization (SEO) tricks to try to get their phony number listed first on search engines even above those of the legitimate manufacturer’s. Also beware of any technical support that tries to get you to pay for their service using gift cards, prepaid debit cars, or money transfers. That is guaranteed to be part of a scam as once the money is paid, it will be next to impossible to recover from a scam artist.

     
  • Geebo 8:00 am on September 26, 2019 Permalink | Reply
    Tags: , , , IoT, , ,   

    When a smart home isn’t so smart 

    When a smart home isn't so smart

    Many people think that they are better securing their home by installing smart devices. These devices can range from anything from cameras to door locks and anything in between. These classes of smart devices are known as the internet of things or IoT for short. That means that these devices are connected to the internet so the user can control them from just about anywhere. The major drawback to IoT devices is that they can also be controlled by bad actors if the user isn’t careful.

    A couple in Milwaukee found that the hard way this week when someone was able to take control of some of their smart devices. The couple had a nest camera and thermostat installed. When one of them came home they found that the thermostat was set at 90 degrees. After that, someone started verbally harassing them through the speaker on their security camera. Even after the couple changed all their passwords the abuse continued until the devices were disconnected. The couple lays the blame at Nest, which is owned by Google, but the fault may lie elsewhere.

    It’s not hard to hack into IoT devices if the users are using the same password or weak passwords to secure their network and devices. Also, as we discussed with the recent YouTube hack, two-factor authentication (2FA) should also be enabled on these devices. While 2FA has its own flaws, it’s more secure than using an easily guessed password. These devices are designed to help protect your home, but if you’re not using 2FA it’s like having the most expensive lock that you just leave the key in.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel