How safe is your smart home?
CBC Radio | Posted: November 10, 2016 7:57 PM | Last Updated: November 10, 2016
The Smart Home sounds like a great idea. Control the heat so it's nice and toasty when you get home! Feed your pet remotely when you're stuck at work!
But is the smart home an unsafe home? The recent DDoS attack that temporarily downed popular websites relied on connected household devices like DVRs. Now, new research shows that smart light bulbs may be vulnerable to hacking.
Colin O'Flynn is a PhD student at Dalhousie University in Halifax. Along with fellow researchers in Israel, he made Philips Hue smart light bulbs install a phony firmware update. From there, O'Flynn was able to control the lights remotely. "This meant that you could reprogram them to do anything you wanted," O'Flynn says. "I could load software on them that just made them completely non-responsive, or made them blink really fast like a strobe light."
Philips has corrected this vulnerability, but it raises broader questions about the security of smart home devices.
Atul Prakash is a computer science professor at the University of Michigan. He specializes in computer security. "I would be cautious, overall," Prakash advises. "The technology is relatively new. Hardware is probably a little bit ahead of the software at this point, and a lot of vulnerabilities we are seeing are primarily on the software side of things." The software on smart devices gets compromised, he explains. "That's what caused the Denial of Service attack."
Despite these concerns, there's a push to popularize the smart, connected home. Smart speakers from Google and Amazon, and Apple's HomeKit system aim to streamline control of those smart devices, bringing them under a central hub. "They are good companies behind these products...with a lot of expertise, but nevertheless it's an active area of research to find security flaws," says Prakash.
For smart speakers, one risk is that malicious audio could compromise the system. Recent work has shown that this may be a problem in the future. "So essentially you could have...what looks like noise to a human ear, but is actually interpreted as commands," Prakash says. "So there could be something in the background, or somebody else in the background that could play some audio but instruct your [speaker] to act in ways that you didn't expect."
Part of the reason we've been thinking about the smart home is that there's such a push now to bring the connected home together with smart speakers like Amazon Echo, or Google Home. The idea is that you can not only ask it questions, or control your streaming music service, but that it works with a number of connected devices, like the Nest thermostat for instance.
It got Spark senior producer Michelle Parise thinking about praising...the stupid home.