We Took Over These Stupid IoT Hacks
Whether it’s the poorly lit stories of jailbroken Samsung TVs , the sadly hilarious stories of jailbroken teddy bears, or even more bizarre claims of listening to microwaves , real, fake and hyped reports of all the things that can happen to the devices we choose to connect to the Internet dominates in the news. We have incurred this stupid future.
Over the past few years, under the pretext of simplicity, we have connected everything we can to the Internet. You can connect light bulbs , refrigerators , sex toys , pet feeders, and more. These devices are commonly referred to as the Internet of Things (IoT). How poorly thought-out they are is a common joke , but that doesn’t stop them from going out at an accelerated pace.
There are many potential issues with IoT devices, but the two most common issues to talk about are security and usability.
Security on IoT devices is already poor and consumers don’t care about improving it
The security of IoT devices is so poor that when we hear about a compromised IoT device, we usually shrug our shoulders right away. It’s not a big deal yet, but it will be.
Let’s make a backup first. Several different security scenarios work here. Hacking your IoT devices to infiltrate your network, hacking your devices to create a botnet and spying on you.
To begin with, IoT devices are difficult to protect. For ease of use, they often have weak protection. Connecting to an internet-connected lightbulb using two-factor authentication and a strong password would be a headache, so instead they use simplified defenses that are easy to undermine. By default, the light bulb transmits one Wi-Fi signal and asks you to connect to it and enter your Wi-Fi network information. If a hacker is having a good time and is close to your home,he can easily spoof this light bulb to get your Wi-Fi login . The scenario is rare, especially considering how close they need to be. However, that distance is already increasing, with one light bulb breaking lamp, according to the New York Times, working from a distance of up to 229 feet.
We’ve seen security holes like this everywhere, from a Wi-Fi- connected Barbie to a jeep . Samsung had a smart refrigerator that didn’t validate SSL certificates , which meant someone could use a malefactor-in -the-middle attack to hijack your Google login information. This was all pretty niche until October 2016 , when IoT devices were hacked to shut down huge chunks of the Internet.
It turned out that the crashes were the result of a distributed denial of service (DDoS) attack. This is when hackers flood websites with fake traffic, causing the site to be hacked. In October, the victim was Dyn, one of the web redirecting organizations. Hacked IoT devices are the cause of this DDoS attack. The hackers used a system known as the Mirai botnet, which scans the Internet for IoT devices that still have factory default usernames and passwords. He then hacks into this device and uses it to increase website traffic. In Mirai’s case, our own disdain was manifested. An astounding number of people don’t change the default logins on their devices.
Espionage works in different ways. The more traditional view that most of us have is something like the CIA using a Samsung TV to spy on people’s conversations . This shouldn’t come as a surprise, given that the former US Director of National Intelligence said last year, “In the future, intelligence services may use [the Internet of Things] to identify, observe, monitor, track and target, to recruit or gain access to networks or user credentials. “
This whole CIA thing was a bit exaggerated because it required a flash drive connected to a TV and it was all fixed by firmware updates anyway, but it sets a daunting precedent for surveillance. Not only the government is interested in espionage, but also the companies that produce these devices.
For example, the We-Vibe sex toy recently reached a $ 3.75 million settlement after researchers discovered it was illegally collecting data without the user’s consent. This privacy breach was only discovered because security researchers discovered a software flaw that could allow a hacker to remotely control the vibrator. They then found that user preferences and statistics were sent to the We-Vibe servers. We-Vibe isn’t the only company doing this, Vizio recently agreed to illegal user data collection on smart TVs , and Amazon is streaming audio recorded by Echo in a murder case .
Many of these problems are our own fault. We buy these devices even if we don’t need them. We connect TVs with microphones to the Internet, although we have dozens of other devices that perform better than any smart TV. To top it off, we forget to ever change the password on these devices.
Plus, our own paranoia has made things much worse than they should be. Everyone I know has come to the conclusion that the government is spying on us through televisions. So when Wikileaks released information that the CIA was using Samsung TVs to spy on people, no one worried. This is not new thinking either. Snowden ‘s leaks caused the same reaction. This lighthearted and casual attitude has already led to several mostly harmless hacks. But moving forward will certainly not get better.
The future will get dumber and your life won’t get better
Aside from security concerns, there is also the dubious claim that any of these devices should exist in the first place. Most IoT devices seem to come from brainstorming sessions that ask one question: “Wouldn’t it be nice if I could test this on my phone?”
Like, would it be nice if I could control the multicooker from my phone? Or would it be nice if my rectal thermometer saved data online ? Maybe you want to know how many eggs are in the refrigerator, in which case it would be nice if there was some magical device that could tell you this?
Connecting your device to the Internet is nothing more than a scheme that forces you to buy a new version of what you already have. One of the best things about a multicooker is that you put it on and forget. You (hopefully) don’t use a rectal thermometer enough to track this data online. If you want an app that tells you how many eggs are in your refrigerator, you have more serious problems than deciding what to buy at the grocery store. Does Wi-Fi signal work in your fridge at all?
Even useful IoT devices still have serious problems. If the internet goes down, you won’t be able to control your smart thermostat. Worse, you won’t be able to feed your cat with an overpriced internet connected pet feeder. If the company goes bankrupt, as was the case with Revolv , a smart home startup acquired by Nest, all your devices will be useless. Even if you like the idea of the Internet of Things, the fact is that almost none of these devices communicate with each other. Even your hacked crappy house of the future requires 25 apps to activate the dumb “party mode” you never use.
I have yet to see an IoT device that really dramatically improves my quality of life. In terms of accessibility, something like the Echo might make life easier for some people, but it’s hard to see how it helps consumers in general. Sure, setting up a thermostat is now a little easier than on that crappy LCD screen, but does it need internet to do that? I can use the touchscreen on the device itself. Additional internet-related features seem like diminishing returns if you don’t turn a boring device into a fun toy for the day.
There is no indication that any of this will change. In fact, all signs point to the Internet of Things getting dumber and dumber until eventually everything is online.
The IoT seems unstoppable. One researcher suggests that by 2025 we will have over 80 billion smart devices on the Internet . This suggests that everything in your home will be online. From refrigerator to office chair. We keep buying these devices because either we fall in love with additional sales or we still dream of the smart home that Jetsons promised us. IoT device manufacturers are not trying to innovate. They plug the base computer into an existing device, create an unsafe application to work with, and then shut down.
What happens next is, at least in part, up to us. You can demand more security. Or you can skip buying any of that crap to start with. It’s doubtful if this will change what device manufacturers are doing, but at least you don’t have to worry about the government spying on your microwave.
Otherwise, change the default password.