Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Average Internet of Things device has 25 security flaws
The Telegraph ^ | 7/30/2014 | Matthew Sparkes

Posted on 07/31/2014 9:54:43 AM PDT by mojito

The Internet of Things (IoT) has connected everything from smoke alarms to fridges and cars, making life easier and safer – but it has also given hackers a new way to attack their victims, warns HP.

In a study of the ten most popular IoT devices (which it did not name in its report) HP found 250 potentially dangerous security vulnerabilities.

The devices came from manufacturers of TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers.

All of the devices included remote smartphone applications which were used to control them.

It was found that 90 per cent of the devices collected personal information, 70 per cent transmitted that data on an unencrypted network and 60 per cent had insecure user interfaces. Eight out of ten failed to require a strong enough password.

(Excerpt) Read more at telegraph.co.uk ...


TOPICS: Computers/Internet
KEYWORDS: internetofthings; security; surveillancestate
I don't have one of these devices, but if you do or are considering getting one, be strongly cautioned.

h/t Karl Denninger

1 posted on 07/31/2014 9:54:43 AM PDT by mojito
[ Post Reply | Private Reply | View Replies]

To: ShadowAce

tech ping


2 posted on 07/31/2014 9:58:39 AM PDT by raybbr (Obamacare needs a death panel.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito
I don't have one of these devices, but if you do or are considering getting one, be strongly cautioned.

Per his article today, you can complete your total security failure by getting an iPhone. (Fanboy incoming)

3 posted on 07/31/2014 10:02:03 AM PDT by Stentor (Maybe the Goldman Sachs thing is just a coincidence. /S)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito

I will never connect any of those things to the internet.


4 posted on 07/31/2014 10:20:02 AM PDT by I want the USA back (Media: completely irresponsible. Complicit in the destruction of this country.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito

One day, your coffee-maker will conspire with your car’s on-board computer to run you off the road, during your evening commute. Meanwhile, your microwave and toaster-oven will conspire to deplete all your bank accounts. If you ever make it home, your Roomba will knock you down, and try to suck your face off.


5 posted on 07/31/2014 10:32:11 AM PDT by USFRIENDINVICTORIA
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Calvinist_Dark_Lord; JosephW; Only1choice____Freedom; amigatec; Ernest_at_the_Beach; ...

6 posted on 07/31/2014 10:34:15 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: USFRIENDINVICTORIA

“Sexual gratification can only be achieved through the use of machines”
Frank Zappa


7 posted on 07/31/2014 10:36:04 AM PDT by wxgesr (I wanna be the first person to surf on another planet......)
[ Post Reply | Private Reply | To 5 | View Replies]

To: mojito

Sounds like a great opportunity for someone to enter the security space and make a killing...


8 posted on 07/31/2014 10:37:18 AM PDT by Wyatt's Torch
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito

Lawn sprinklers?
Door locks?
Garage door openers?
Scales?

Oh cool! Look, I can turn my lawn sprinklers on and off and open and close my garage door from my SmartPhone. Wow, I am just so tech savy.

Give me a break!!


9 posted on 07/31/2014 10:38:39 AM PDT by upchuck (It's a shame nobama truly doesn't care about any of this. Our country, our future, he doesn't care.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: wxgesr

Don’t even think about what happens when your fembot conspires with your meat slicer.


10 posted on 07/31/2014 10:44:02 AM PDT by USFRIENDINVICTORIA
[ Post Reply | Private Reply | To 7 | View Replies]

To: mojito

How ever far back you wish to go, the hue and cry has been the same!


11 posted on 07/31/2014 11:07:35 AM PDT by PoloSec ( Believe the Gospel: how that Christ died for our sins, was buried and rose again)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito

“All of the devices included remote smartphone applications which were used to control them.”

I’m going to buy a plain Jane water heater. I see they have them now where you can buy ones that you can monitor, change with your smartphone. Too much money. But who wants something in your basement that can be hacked, and set to “bomb” instead. (Just saw some MythBusters shows about water heaters - amazing and scary!)


12 posted on 07/31/2014 11:14:23 AM PDT by 21twelve (http://www.freerepublic.com/focus/f-news/2185147/posts 2013 is 1933 REBORN)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito
90 per cent of the devices collected personal information,

thermostats, power outlets, sprinklers.... collected personal data??

13 posted on 07/31/2014 11:25:20 AM PDT by GeronL (Vote for Conservatives not for Republicans)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito; a fool in paradise

“It always feels like, somebody’s watching me!!”


14 posted on 07/31/2014 11:26:06 AM PDT by GeronL (Vote for Conservatives not for Republicans)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito

The most dangerous of those is ordering from HP online. They stole my credit card and ran up a bill on iTunes. Neither HP or Apple would fix it.


15 posted on 07/31/2014 11:42:26 AM PDT by bgill
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito
Exactly. Comcast are now pushing their version. I am very skeptical.

Heck, they can't even provide a decent router/modem/wifi and worst of all, their tech support people are pretty lame.

16 posted on 07/31/2014 12:59:47 PM PDT by dhs12345
[ Post Reply | Private Reply | To 1 | View Replies]

To: I want the USA back

Exactly. Wise person. However, that is what make them interesting to some folks — being able to set your thermostat remotely from your smart phone, etc. Fools!


17 posted on 07/31/2014 1:03:08 PM PDT by dhs12345
[ Post Reply | Private Reply | To 4 | View Replies]

To: bgill
Hopefully the credit card company covered the charges.

Also, wouldn't Apple have account information about the perp?

18 posted on 07/31/2014 1:06:42 PM PDT by dhs12345
[ Post Reply | Private Reply | To 15 | View Replies]

To: dhs12345

Yes and yes.


19 posted on 07/31/2014 1:37:16 PM PDT by bgill
[ Post Reply | Private Reply | To 18 | View Replies]

To: bgill

Good. At least you weren’t out the money.


20 posted on 07/31/2014 1:42:00 PM PDT by dhs12345
[ Post Reply | Private Reply | To 19 | View Replies]

To: mojito

Working closely with IT security teams, I can tell you personally that the #1 most exploited non-standard web-enabled devices are TVs and BluRay players. Most of these devices are not set to automatically update software, and most users don’t bother to update the firmware/software once they have them.


21 posted on 07/31/2014 1:53:59 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito; ShadowAce

I have several devices that are on my network(TV, gaming consoles, ect)

Almost all of them are what I’d refer to as being ‘insecure’, sending data in ‘human readable’ text. Sure, my home WiFi network is encrypted, but that doesn’t assure any traffic is encrypted once it leaves my site(home). I know for a fact that my TV(Samsung) and gaming consoles(PS4/XBox1) ‘phone home’ with sensitive information. They could EASILY implement encryption, but obviously choose not to do so...


22 posted on 07/31/2014 3:00:09 PM PDT by KoRn (Department of Homeland Security, Certified - "Right Wing Extremist")
[ Post Reply | Private Reply | To 1 | View Replies]

To: mojito

All “smart” devices are designed to regulate the human per EPA or worse yet, UN Agenda 21.

On your knees, touch your head to the ground and pray to the Google overlords.


23 posted on 07/31/2014 4:08:19 PM PDT by wxgesr (I wanna be the first person to surf on another planet......)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dhs12345

Except Apple and HP knew who did it but refused to stop it saying it happens too often to stop. Uh, excuse me! Even my credit card company refused to press charges and ate the theft even though it was enough for a hefty fine and 2 years behind bars. The local cops finally dropped it after over a year because everything was out of state. Criminals know this so they’re not worried. That, my FRiend is why cc rates are so high and why us honest customers have to pay so much for products.


24 posted on 07/31/2014 5:51:36 PM PDT by bgill
[ Post Reply | Private Reply | To 20 | View Replies]

To: dhs12345
Exactly. Wise person. However, that is what make them interesting to some folks — being able to set your thermostat remotely from your smart phone, etc. Fools!

If you can control your thermostat remotely, so can your government.

25 posted on 08/01/2014 5:30:00 AM PDT by a fool in paradise (Elian Gonzalez sought asylum and was sent back to Cuba, send these kids back to THEIR parents.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: a fool in paradise

Exactly! Same with the ISP.

And they can snoop around on your network. And these devices use wifi which isn’t as secure as good old wired.

That is why I bought my own router and modem. I can control my own network.

If you rent your router/modem from the ISP, they have full control on the LAN side. I know this because when we tried Comcast’s telephone service, they forced us to take an all in one router/modem/wifi/VOIP POS. I wanted to turn off the wifi but couldn’t so I had to contact Comcast. Sure enough, they were able to configure the wifi. Scary.

And how quickly would Comcast or other ISPs allow the Feds access to your private network?

Also, I always wonder if there is some hidden port in the routers that allows full access to your network. At minimum, there are probably vulnerabilities. Call me paranoid.


26 posted on 08/01/2014 6:21:30 AM PDT by dhs12345
[ Post Reply | Private Reply | To 25 | View Replies]

To: dhs12345

Greenie weenies have already made it clear that they don’t believe citizens should be able to set their thermostats at whatever temp they’d like.


27 posted on 08/01/2014 6:24:53 AM PDT by a fool in paradise (Elian Gonzalez sought asylum and was sent back to Cuba, send these kids back to THEIR parents.)
[ Post Reply | Private Reply | To 26 | View Replies]

To: bgill

Ya. Damn them.

If they had done their jobs, those crooks might be in jail and not committing other crimes.


28 posted on 08/01/2014 6:25:03 AM PDT by dhs12345
[ Post Reply | Private Reply | To 24 | View Replies]

To: a fool in paradise

Yup. There may come a day when you can’t control your thermostat.

Right now it is optional and apparently you get a discount. But it may become mandatory.


29 posted on 08/01/2014 6:26:55 AM PDT by dhs12345
[ Post Reply | Private Reply | To 27 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson