As consumers head into the end-of-year holiday celebrations, they are expected to go shopping. But as they trek to the malls or go online, shoppers need to consider the security implications of the vast array of cool, connected devices now on the market.
After a hacker accessed a security camera and harassed an 8-year-old, the chilling recording of the encounter sends a clear warning to shoppers this holiday season. This could happen with anyone using smart-home devices can potentially be hacked or modified to lock out. General device privacy and security concerns apply here to protect users from the misuse of their data.
Consumers must make purchases from reputable manufacturers, and make sure to change the default passwords that these devices come with and don’t forget to use security software to help prevent malware from infecting devices on home network.
Smart watches and activity trackers are soaring in popularity with nearly 85 million people around the world last quarter discovering the convenience of having the power of the internet within reach. But these accessories don't stand alone. Rather, they serve as extensions of smartphones and collect personal information. So, carefully read the privacy policies regarding the information that the user intends to share, including reviewing geographical location settings.
Increasingly, smart watches are gaining access to certain functions in smart homes, such as the ability to remotely unlock the front door. That sounds great until the device gets lost or stolen. If it does, review all passwords to make sure they’re protected with two-factor authentication. Even though some accessories include security settings that ought to help protect users in case of loss or theft, be sure to understand the tradeoffs of convenience.
Any internet-connected, voice-enabled TV has the capability to track what you are searching and watching. What’s more concerning is attackers can hack into smart TV webcams for spying or capitalize on software vulnerabilities to insert malware that can move through connected devices. Also, when shopping for a unit, don’t forget to ask whether it has a camera. Also, does it come with a physical cover or is there one that can be added?
It’s worth researching whether the brand has a good or bad reputation when it comes to privacy and data collection. Once the user brings it home, think about whether they want to be tracked for advertising purposes. Most smart TVs do come with an option for users to turn off such tracking, but it may not be the default setting. So, check the fine print before turning on or turning off features on the smart TV.
A general rule with Smart TV software (and any computing device), to keep the software up to date or turn on automatic updates if there’s such an option.
Another great convenience of the last few years, robot vacuum cleaners have become a must-have appliance for many. Independent research finds that the devices enjoy off-the-chart loyalty with 89 percent of people who own robot cleaners saying they would recommend them to friends and family.
But don’t ignore the privacy implications. Many robot cleaners have cameras to map the house floor layout and optimize operation. This poses potential areas of concern if the robot is connected to the internet. Ensure the manufacturer is protecting the mapped layout data and that it is not shared. Also ensure the cameras are not capturing additional data from within the home.
Another point to consider is that unlike most other devices users may own around the house, this is a machine that physically moves inside the home. As such, a compromised vacuum potentially can enable other types of creepy activity.
So again, ask whether the user trust the manufacturer and whether the company not only can build a vacuum, but also safeguard data. If the answer to that question is yes, also inquire how they go about doing it. Don’t take “why, of course we protect you” as the final answer. Do the research and focus on reputable manufacturers.
NPR and Edison Research estimates that there are now about 120 million smart speakers in U.S. homes, representing 78 percent year-over-year growth. But most of these devices have “always on” speech listening and recognition features so that they can identify the “wake word” — even while they are standing by?
It’s no longer exceptional to read about people complaining that their private conversations somehow triggered the device’s wake word to start eavesdropping. So, before buying a smart speaker for the home, ask whether they are comfortable with this?
Many of users see this as a small price to pay for the convenience being offered. But always-on listening means that such devices can not only listen to what the user says (and potentially use it — for advertising, for instance), but they can also capture ambient noise that reveals a lot of other things about the user.
The electronic/computing system of a car controls most of its operation and is far more vulnerable than, say, a gas-guzzling station wagon from yesteryear. Increasingly, our cars are turning into the equivalent of iPads on four wheels as vehicles incorporate more and more electronic gadgetry each year to add customer convenience.
But as with any technology device, it’s wise to take precautions that mitigate security risks. For instance, in this case the USB ports in certain newer cars might be manipulated to read files on the cell phone or install malware on the device. This is the latest practice known as Juice Jacking, where malware gets installed onto a device or information and can be stolen via the USB charging port.
Also, hackers may be able to launch attacks against audio systems in a bid to control the vehicle remotely. Similar vulnerabilities have also been found with key fobs and certain apps that get used to communicate with the cars. Users must take basic precautions, and be extremely careful with car port dongles that are plugged into the car control port. As with any other computing devices, it is vital to apply software updates in a timely manner and fix any potentially relevant recalls. Don’t make an attacker’s job any easier for them.
Every year more devices become part of the Internet of Things, and that includes children’s toys. But now that digital toys and devices come with built-in cameras and GPS trackers, users need to consider benefits with the potential security risks. Some toys may interact with smart speakers, which introduces a new category of threats.
Like other connected digital devices, they are potentially vulnerable to hacks and any data they collect may not be private — or secure. The threat is not theoretical. Symantec has seen instances in which companies neglected to protect their online storage system and hundreds of thousands of records, including childrens’ names, ages and voice recordings, got exposed.
That puts the onus on parents to use complicated passwords for every connected toy they buy for their kids. Also, never let children access the internet from an unsecure Bluetooth or Wi-Fi connection.
Many wireless headphones now come with integrated voice assistants and involve security issues with which users are familiar. Also, if users can connect over Bluetooth, there’s always the risk it may not be secure, especially outdated versions of the protocol which likely have unpatched security holes. One easy precaution: Just turn off Bluetooth when the users are not using it, or near anyone who do not trust.
No comments:
Post a Comment