Is your smart home spying on you?
International researchers are issuing a dire warning of security and privacy concerns lurking within smart homes. Led by IMDEA Networks and Northeastern University, scientists were able to demonstrate a variety of security and privacy threats due to the local network interactions of Internet of Things (IoT) devices and mobile apps.
As smart homes continue to evolve, they encompass a wide array of consumer-focused IoT devices, including smartphones, smart TVs, virtual assistants, and CCTV cameras. These devices come equipped with cameras, microphones, and various sensors that can perceive activities within our most intimate spaces – our homes. However, can we truly trust these devices to handle and safeguard the sensitive data they collect?
[...] For the study, researchers delved into the intricacies of local network interactions among 93 IoT devices and mobile apps and were able to unveil numerous previously undisclosed security and privacy concerns with real-world implications.
Contrary to the common perception that local networks are secure environments, the study highlights new threats linked to the inadvertent exposure of sensitive data by IoT devices within local networks using standard protocols like UPnP or mDNS. These threats include the revelation of unique device names, UUIDs (Universally Unique Identifiers), and even the geographic location of households. These can be exploited by companies involved in surveillance capitalism without the users' knowledge.
"Analyzing the data collected by IoT Inspector, we found evidence of IoT devices inadvertently exposing at least one PII (Personally Identifiable Information), like unique hardware address (MAC), UUID, or unique device names, in thousands of real world smart homes," explains study co-author Vijay Prakash, PhD student from the New York University Tandon School of Engineering. "Any single PII is useful for identifying a household, but combining all three of them together makes a house very unique and easily identifiable. For comparison, if a person is fingerprinted using the simplest browser fingerprinting technique, they are as unique as one in 1,500 people. If a smart home with all three types of identifiers is fingerprinted, it is as unique as one in 1.12 million smart homes."
Anyone remember these tongue-in-cheek predictions made 75 years ago?
(Score: 0, Troll) by Runaway1956 on Wednesday November 01, @01:24AM
When you use services at Google, etc, you aren't the customer. You, the "end user" are the product, the customers are advertisers and other snoops.
With the IOT, again, you are not the customer, you are the product. Those apps aren't there for your convenience, they serve the customer's purposes. Your smart television collects data, your smart thermostat collects data, your smart fridge collects data, and that data is sold to the customers.
Whatever bits of convenience you might get out of those devices is incidental to the customer's purposes. That tiny bit of convenience was just the lure or the bait, wrapped around that fishing hook.
At least a smart phone actually provides a genuine service that most of us are willing to pay for. At least that phone can be secured from most tracking, if you're willing to secure it. That dishwasher, or clothes washer? There is no rational reason why they need to communicate with anything, anywhere. "Please, buy our washer with a smart app, so that we can keep track of more personal details of your life!"
(Score: 0) by Anonymous Coward on Wednesday November 01, @02:01AM
More along the lines of, "Anyone remember these tongue-in-cheek predictions made 75 years ago?" --
I never understood this song, until I saw a reference to it yesterday and looked it up:
https://en.wikipedia.org/wiki/I.G.Y._(What_a_Beautiful_World) [wikipedia.org]
https://www.youtube.com/watch?v=OPO-j16VmRw [youtube.com]
