Smart home systems aren’t secure, says study

A future where our homes are connected to our smartphones, and all our appliances are hooked up to the internet of things, sounds exciting– think of the time you’ll save when your fridge can order its own groceries, or you can switch off your lights and put on the burglar alarm with a single swipe. But before these things can become commonplace, it looks like tech companies have a lot more work to do on internet security.

HP’s security division studied 10 app-controlled devices and found that most of them could be easily hacked. Most allowed passwords that aren’t complex enough to prevent a security breach, seven of the devices didn’t encrypt data before transmitting it to the internet or a local network and six didn’t encrypt their software or firmware updates, meaning a hacker could use your fridge or TV to send spam (as happened with 100,000 appliances back in January). The devices’ corresponding websites also had vulnerabilities, including making it easy for hackers to take over people’s accounts via the password reset function.

The firm compiled a report of their findings, which also expresses concern over the privacy of users, questioning why devices collect information including name, date of birth, and credit card details, all of which could make it easier for someone’s identity to be stolen.

Ian Brown, who is a professor of information security and privacy at the University of Oxford, told the BBC that companies are going to have to up their game if they expect the public to embrace the internet of things, considering this news. ‘I hope device manufactures realise they have to do much better if they want to avoid damaging consumer trust in the whole sector before it even takes off,’ he said.

Image via Steve Larkin’s Flickr.

Diane Shipley