Is The Smart Home Really Reliable?

Security experts have warned.

Risks exist.

When it comes to smart home, these risks become even more frightening.

According to a report by Gigaom, Synack, an enterprise safety research firm, tested 16 common devices of the Internet of things, from SmartThings devices to Nest and Lyric thermostats.

It turns out that they all have different degrees of security problems. Among them, networked cameras are the most unsafe.

"Nowadays, the security of the Internet of things is like that of computer security in the 90s, everything is new, without any safety standards or security monitoring methods."

The company's security research analyst ColbyMoore said.

Synack inspection equipment can be divided into four categories: camera, thermostat,

Hubs and smoke detectors.

Among them, the security vulnerabilities of cameras are the largest, but the products of Dropcam are the safest.

In the thermostat, the safest product is Nest.

Another way of attack is mentioned in this safety report.

Someone can intercept IOT devices and replace them.

This may seem troublesome, but Moore points out that such attacks will continue to increase in the future.

In addition, users will also face such security risks in the returned or second-hand equipment.

In addition to the problems of the device itself, cloud security needs attention.

When different devices are connected and share data through the cloud, new security risks will arise.

Therefore, Moore believes that the current safety situation of smart home is "awful".

His suggestions for IOT equipment are:

Use wired connections as far as possible.

When devices are connected wirelessly, users will be notified when they are dropped.

Firmware updates should be automated, especially when security vulnerabilities and defects are involved.

Do not wait for users to manually upgrade.

Use strong passwords.

Passwords should be combined with numbers, special symbols and letters, and more than 12 characters.

Sending to the cloud

Use secure connections.

Do not store data on the device to avoid being black.

If you use SSL, check the certificates at both ends (server and client).

Some devices obviously did not do that.