cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Chuxing
Community Champion

IoT security

The residential IoT devices are appearing in greater numbers, and a lot commercials are popping up on TV, like doorbell ring etc. While the usefulness is there, I tend to cringe a bit, worrying about the security.

 

Maybe I am a bit paranoid because I know a piece or two of the vulnerabilities that these devices may be exposed. To exaggerate the potential risks, I am posting this cartoon (and it is Friday, I got nothing better to do anyway): 

 

 

image.png


____________________________________
Chuxing Chen, Ph.D., CISSP, PMP
5 Replies
rslade
Influencer II

> Chuxing (Community Champion) posted a new topic in Tech Talk on 11-15-2019 05:10

> The residential IoT devices are appearing in greater numbers, and a lot
> commercials are popping up on TV, like doorbell ring etc. While the usefulness
> is there, I tend to cringe a bit, worrying about the security.

The only IoT device we have in the house is a smart TV, which the kids gave us
(and then wondered why I wasn't overjoyed). (I still have never told it the
password to the wifi ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Can we blame global warming on Flash? - MW, 20110326
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Caute_cautim
Community Champion

@ChuxingIt is totally relevant, but its as though everyone buries their heads in the sand and simply waits for it to happen.

 

Regards

 

Caute_cautim

Shannon
Community Champion

 

 

 

Yes, the IoT has us all exposed more than ever, though not everyone will think about the risks. I forwarded that cartoon to some friends on WhatsApp, and interestingly, once of them actually reverted, stating that this can be taken as funny and scary at the same time.

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Caute_cautim
Community Champion

I believe we need to do a lot more across the board raising security awareness for not only electronics manufacturers, retailers and also the consumers plus add the Privacy Commissioners of the various countries who take privacy seriously.

 

The Government of the day, needs to take responsibility of what is imported and have good expectations of electronic's manufacturers and their behaviour.

 

We should also claim down on whitelisting companies, if you are not IEEE registered, then dump, no matter how cheap it looks - it simply is not worth it.  

 

In otherwords, consumers do your home work well, research who the manufacturer is and question the Retailers - make them feel uncomfortable, so you can cut through the fluffy sales talks to the nuts and bolts.

 

Regards

 

Caute_cautim

 

Chuxing
Community Champion

As I was saying...

 

Cases of example, recently reported Ring been hacked:

 

https://www.washingtonpost.com/nation/2019/12/12/she-installed-ring-camera-her-childrens-room-peace-...

 

https://www.nbc-2.com/story/41428183/stranger-spews-racial-slurs-over-familys-hacked-ring-camera

 

God only knows how many Rings have been hacked, but users were simply not aware, while the intruders are watching (and maybe recording) in silent, and stealing information along the way......

 

Of course Ring's response was - it's users' fault:

 

"Unfortunately, when people reuse the same username and password on multiple services, it’s possible for bad actors to gain access to many accounts."

 

 


____________________________________
Chuxing Chen, Ph.D., CISSP, PMP