Technology development has been progressing at a staggering rate over the past decade. The consumer electronics industry now produces household devices like light bulbs, thermostats and even kitchen appliances with Internet connectivity. Hardware has gone beyond the scope of communicating with phones and televisions are being manufactured at such as staggering rate that security development can’t keep up.
Building prototypes for consumer goods have never been easier. Modular microcontroller boards like Arduino, based on open source hardware and software, allow entrepreneurs with no prior computer coding experience to build new devices at incredibly cheap manufacturing costs. Websites like Kickstarter allow a plethora of small monetary contributions from people all over the internet to fund all sorts of projects. Because these projects are run by small, independent companies or individuals, they might have small, or even nonexistent, budgets for hardware or software security.
The term “internet of things,” coined by the hardware and networking industry, is used to describe these devices and their large scale production and development leaves homes vulnerable to wireless attacks. The number of devices connected to the internet at home is growing to such an extent that updating the firmware on every existing device is unreasonable vulnerabilities are readily waiting to be exploited.
The low level of security awareness is frightening. Wireless baby monitor webcams had streaming video available publicly on the Internet, some wireless houses that display temperature, lights and other data broadcast to anyone willing to listen and even some devices display their username and passwords in plain text.
It might be easy to dismiss a hacked Wi-Fi light bulb as a minor nuisance from a mischievious hacker but the consequences are larger than that. Because all these devices in a household are typically connected to one Wi-Fi network, getting access into any one of these devices might make all the security on your other devices meaningless.
Keeping track of all these products is becoming increasingly unrealistic and soon a swarm of these cheap, untested, wireless devices from overseas will appear in homes throughout the country. Some researchers are starting initiatives like builditsecure.ly in order to security support for vendors that can’t afford to budget for security vulnerabilities. Many public hacking conventions, bloggers and hobbyists publicly share their discoveries with the internet in order to promote a safer, more secure devices for everybody. Unfortunately, the good will of the information security sector might not be enough to compete with the rate of “internet of things” devices created today but reading carefully about devices purchased and updating frequently is the best chance for a private, yet convenient, lifestyle.