We’re in the middle of a war on security and we are sabotaging ourselves for a little bit of convenience. As we bring more connected devices into our homes, we essentially create more windows for “Peeping Toms” to look into our lives – metaphorically speaking.
The connected home is undoubtedly a great concept. But there are many security risks that should be resolved before you dive into it.
Don’t Touch the Thermostat!
Earlier this year, Amazon added Ring’s wifi-enabled Video Doorbells to their lineup of smart home devices. With a Ring doorbell, you can see who’s at your door from anywhere in the world (with internet).
But, there’s a major security flaw. Any time a password is changed, the Ring system doesn’t boot all the connected devices off the system for over an hour. Basically, it’s like changing your school lock combo, yet the old combo (which other people know) still works.
You’d think that once you changed your password, everyone else would have to log in with the new password, right. It’s a pretty big flaw, especially if someone you don’t want gains access to your Ring system.
Actually, this reminds me of a hysterical Amazon review of the Honeywell wifi thermostat, where a divorced husband takes revenge on his ex-wife, who took the house, the dog, and the 401k. But forgot to change the password on the connected thermostat.
On frigid winter nights, from his home far away from hers, he drops the house temperature to 40 degrees. In the middle of June, when sweaty backs have a problem of sticking to bed sheets, he cranks her heat up to 80 degrees. And when she takes long vacations, he hikes up her electric bill by fluctuating the temperature all week.
Talk about a sophisticated kind of evil.
This goes to show a problem of unwanted people accessing connected devices. Both of these seemingly harmless, aforementioned flaws is what leaves a door open for criminals to take advantage of connected devices.
Inviting Unwanted Visitors
Just like any other computer, connected IoT (Internet of Things) devices can be inflicted with malware which cybercriminals can then take advantage of and control.
Back in October 2016, over 100,000 IoT devices – ranging from baby monitors to home security cameras – were infected with Mirai malware and used in a DDoS (Distributed Denial of Service) attack. Essentially, all the infected IoT devices began simultaneously flooding the internet servers at Dyn, a company that services websites such as GitHub, Twitter, Reddit, Netflix, Airbnb, and many others. As a result, those websites were temporarily out of service for millions of people – potentially causing millions of dollars in lost revenue to those companies.
Although this particular security flaw didn’t directly harm any owners of the IoT devices, this isn’t always the case.
Just months ago, dozens of people came to find out that their wifi-enabled home security cameras were giving one hacker a view into their most private household activities.
Steven Hankers gained access to household cameras, recording unsuspecting homeowners. Authorities found in his possession over 4,000 clips of couples having sex and young kids undressing. Think about the trauma for the families involved in this incident. To find out the device you bought to bring safety into your household had actually backfired.
We all want our homes to be sturdy and safe as a castle. Yet, bringing these devices into our homes is like leaving the drawbridge down.
Every time that you bring another connected device into your home, introducing it to your lifestyle in the name of more convenience, you’re risking your own personal security.
Unconnecting the Connected Home
One of the common first steps in “smartifying” one’s home is buying an Amazon Echo or Google Home smart speaker. Given their abilities to act as a hub or control center for many other smart home devices, these smart speakers are effectively the brains of the operation. And they are also fun to use – asking them to search the internet for you, play music, create shopping lists, etc… They are a total convenience tool.
To date, CIRP estimates that nearly 45 million smart speakers (Amazon Echo and Google Home) have been purchased and installed in US homes. That’s a lot of devices and a lot of security vulnerability.
What worries me about them, though, is that they are designed to always be on – ready for your command – since there’s nothing less convenient about a device you have to turn on in order to use, right.
Well, this is where I think we’re wrong.
There’s just too much security vulnerability presently involved in these devices for you to keep them always on. If they truly are the brains of a connected home, then my message is to shut off this brain occasionally. Give it a break. And give yourself a break from the possible security risk you’ve already brought into your home.
It’s not like the Amazon Echo or Google Home are solving world hunger. Powering them down won’t force insanity upon you.
Besides, is it really alleviating an inconvenience in your life?
We’ve become increasingly attached to adopting technology for convenience-sake, when in fact there may not be any inconvenience present at all.
Silicon Valley and tech companies live by the mantra that “customers don’t know what they want, so we have to tell them”. As a result, we get many solutions to problems we didn’t even know we had.
Uber and Lyft on the surface may have solved a problem of easy transportation. But studies are showing that they, in fact, create more citywide congestion by taking people off buses, bicycles, and their feet – placing them in cars.
We’ve exchanged one problem for another, which is a common thread in everyday life.
When we find that our schedule is complex, we add a service that’ll make it simpler. Only to eventually find out that managing this service has created more complexity than before. It’s an endless cycle of exchanging one problem for the next.
In reality, we create many of these inconveniences by looking for the easy solution.
If your schedule is busy, then maybe you should assess your daily routine and better optimize it… instead of looking for a service that’ll do it for you.