'Smart' Homes May Be Vulnerable To HackersPlay
Our homes are becoming more and more connected. Thermostats, televisions, lights and appliances can all be controlled remotely by our smartphones, tablets and computers, with smart-home software.
But Gunter Ollman, chief technology officer of tech security firm IOActive, tells Here & Now's Jeremy Hobson that technology has not caught up to current security measures, and all this connectivity is leaving us vulnerable to hacking.
On how this security issue came about
"The engineers themselves have developed these technologies for many years, but the internet connectivity has been bolted on. And because it's been bolted on, these engineering teams typically have no familiarity with the security technologies or the methods that the hackers have available to them. In real terms, it's like a two-decade time warp. We're going back to the Windows 95 level of security for these devices."
On how households can protect themselves
"The household should really be wise about the kind of technologies they're purchasing and understand which internet connectivity features are actually enabled on these devices. Many of the faults that we commonly see are default passwords or lack of passwords or lack of encryption. So when you're installing these devices, be wary about what the default permissions are and when possible, change these passwords to things that only you could know. It makes it much more difficult for an external attacker or even a curious neighbor to take control of your devices and reap some level of damage or even just cause a nuisance."
On why this is important
"Unfortunately, any TV or any of these devices that you purchase nowadays, this connectivity is just built in by default. It's a bit like if you go out today to look for a classic CD player, it's almost impossible. You're going to have to go for a BluRay player and it's going to be network connected, just to be able to play your CDs."
- Do you think the convenience of smartphone-controllable appliances is worth the potential vulnerability to hackers? Tell us on Facebook or in the comments.
- Gunter Ollman, chief technology officer of IOActive. He tweets @gollman.
This segment aired on July 3, 2014.