Last July we announced our IoT Cybersecurity Education Program, providing free access to Binwalk Enterprise to help students learn about connected device cybersecurity. One of the early adopters has been Dr. TJ O’Connor, Assistant Professor at Florida Tech who used Binwalk Enterprise in his curriculum for the past two semesters.
Today we published a guest blog by Dr. O’Connor and Daniel Campos, graduate student, outlining some of their research findings – and it is eye-opening, underscoring the insecurity of consumer devices.
While the blog is technical, they demonstrate dangerous backdoors in popular consumer doorbells and security cameras made by Merkury/Geeni that they purchased (and are still available) from top trusted retailers in the US such as Walmart, Amazon, Home Depot, Best Buy and more. The vulnerabilities include:
These aren’t the first doorbells and cameras to have horrible security – our friends at NCC Group recently published similar findings for other manufacturers whose products are sold by common retailers.
Just as you expect products you buy from name brand stores won’t catch on fire and burn down your house, consumers should demand that those same products won’t spy on them.
There are many emerging regulations pushing for IoT cybersecurity labeling to give consumers confidence in the products they buy. For instance UL 2900, ioXt Alliance, and the Singapore Cybersecurity Labelling Scheme to name a few. Labels allow consumers to make good purchasing decisions when it comes to cybersecurity, and force vendors to adopt secure development practices.
Labels also can be used by retailers to stop selling products that are insecure. Most retailers seem to be waiting for laws to be passed before stepping up to protect their customers.
They shouldn’t wait.
Retailers have an obligation to be proactive in pushing for proper cybersecurity in the IoT devices they sell. Think of it not only as doing something good for their customers, but as a differentiating factor in their retail strategy. Most people would prefer to shop at a place they know is looking out for their safety and best interests.
Retailers have policies to prevent selling products that burn down your house or make you sick – how about not selling horribly insecure IoT devices that turn your house into a hacker’s playground?
This content was originally published here.
In this guide we explain some step by step guide which is used to connect ring doorbell with the Amazon echo show.…
Share Great Content for Our Resource Section.
AutomateMyHome.com provides the latest news, information and product reviews in the world of Smart Homes and IoT. Our team carefully researches and reviews stories from around the web to provide you the best. Our community welcomes everyone to submit ideas.
Submit ideas to: firstname.lastname@example.org