Subscribe to RSS - Amazon Echo

Amazon Echo

Why’s everyone “trippin’” about IoT devices?

 - 
Wednesday, June 19, 2019

According to urbandictionary.com, the somewhat “official” definition of “trippin’” means “when someone is overreacting or getting all ‘bent out of shape’ over something small.” And while most of the more popular IoT devices present themselves as a small physical footprint — for example, Google Home is only 3.79 inches in diameter, 5.62 inches in height and only 1.05 lbs. while on the other side of the ring, fighting for market share is the Amazon Echo Plus Voice Controller, 2nd Generation, standing at 5.8 inches tall, 3.9 inches in diameter and weighing in at 27.5 ounces — they can pack a huge, unsettling punch when it comes to security. 

Having taken an interest in IoT devices in terms of security, I’ve written previously about what connected smart home IoT devices are REALLY doing as well as covered IoT devices from the perspective of trust, in which California is the first state to pass a bill, Senate Bill No. 327, that will require IoT manufactures to equip devices with “reasonable” security features, effective in the year 2020. Maybe government control of IoT devices is a step in the right direction, maybe not, but the fact remains that, according to a report from Zscaler, over 90 percent of data transactions from 270 different IoT devices developed by 153 device manufacturers, including smart watches, digital home assistants, medical devices, smart glasses, industry control devices and more are UNencrytped! This exposes these devices to hackers intercepting traffic and stealing or manipulating data, known as man-in-the-middle (MitM) attacks. 

Let’s take a moment to explore a real-life MitM attack and how these attacks can rob people just like you and me of our security. 

Meet Paul and Ann Lupton from England: happy, proud grandparents of baby Oliver, who had purchased a flat (aka apartment) in south London for Oliver’s mother and their daughter, Tracey. After the birth of Oliver, Tracey moved to a bigger home, so the Luptons decided to sell the flat for approximately $429,200 … quite a nice chunk of change and apparently some “others” thought so too.

Perry Hay & Co. in Surrey emailed Mr. Lupton requesting his bank account details for the money from the sale to be paid into, and he replied, sending his Barclays bank account number and sort code (a six-digit number that identifies the bank, in this case Barclays, and the branch where the account is held). A seemingly innocent action that led to his email getting intercepted by fraudsters who posed as Mr. Lupton quickly emailing Perry Hay & Co. again from Mr. Lupton’s email account instructing the company to disregard the previous banking information and send the money to a different account.

The sale completed and Mr. Lupton, none the wiser, sent the funds to the criminals’ account totaling almost half a million U.S. dollars! 

Mr. Lupton responded by contacting Perry Hay & Co. and the crime was (very fortunately) discovered, and it was fairly easy since Barclays was the account provider for all three involved —the Luptons, Perry Hay & Co. and the fraudsters (hmmm, maybe not too smart on their part?!). The Luptons ended up retrieving about $342,000 of their money. 

While the Lupton’s situation didn’t involve IoT, per se, and it did have a rather happy ending since they got some of their money returned, it demonstrates what could happen if a hacker taps into one of your IoT devices, your smart home speaker, for example, and listens while you discuss private issues — account numbers, addresses to schools your children attend, when you’re going on vacation so your home can be burglarized and the like — with your household.

By no means am I an IoT “hater,” (as Urban Dictionary so eloquently puts it). I understand the useful and positive impacts these devices can have on the everyday; however, I do believe security should be the top priority when introducing an IoT device into your life. 

Maybe more manufacturers should be "trippin’" and then “encrytpin’” their IoT devices’ data!

ADT gets into the Ring

 - 
Wednesday, July 20, 2016

ADT announced earlier this week that the Ring video doorbell is now available for its customers nationwide. While the Ring has made some noise in the smart doorbell category, there are many options to choose from when it comes to this first-line-of-defense product for homeowners.

Others who have had success with doorbell cameras include Vivint, Skybell and August, to name just a few.

As more and more consumers begin to embrace smart home products like the video doorbell, dealers are adding these devices to their security and home-automation offerings, and partnering and integrating with others to provide a complete home automation and security package.

For example, ADT customers can incorporate the Ring video doorbell as part of their ADT Pulse smart home security system and lock their door, turn on their lights, and activate their ADT security system directly within the Ring app, all while seeing who is at the door.

Similarly, Vivint’s Doorbell Camera, which won a 2016 Innovation Award from the Business Intelligence Group earlier this year, works with its smart home platform, so homeowners can engage in two-way conversations with visitors on their doorsteps from their mobile devices, while simultaneously using Vivint’s smart home technology to remotely unlock the front door, open the garage door, disarm their security system, for example.

On the supplier side, SkyBell, which was nominated for a CES Innovations Design and Engineering Award, has integrated with Nest, Amazon Echo, Honeywell, Alarm.com, Monitronics, Kwikset, Icontrol Networks and IFTTT, all in an effort to allow complete control of a homeowner’s security and smart home system.

And the August Doorbell Cam is part of the August Smart Home Access System, so all of the August Home products, along with its app, work together. August is also integrating with other companies, such as Honeywell, which recently integrated the August Smart Lock with its Total Connect 2.0 Remote Services platform.

For many homeowners, the video doorbell is their first-foray into smart home technology, and it is helping to drive the continued growth of other security cameras and smart home devices and apps. 

In fact, new research that came out this week from Parks Associates estimates that nearly 24 percent of U.S. broadband households will have an IP camera by 2020, while more than 50 percent will have a smart home controller and 26 percent will have a home security system.

What this study and others like it are finding is interest in products like the video doorbell is driving consumer interest in security, which can only benefit security dealers moving forward.