Showing posts with label Internet of Things. Show all posts
Showing posts with label Internet of Things. Show all posts

Monday, February 9, 2015

Smart TV or Spy TV (Dumb TV)

<<---------- Scroll down for news. ---------->>

If George Orwell hadn't died in 1950, he'd be pretty proud of television manufacturers for inventing sets that contain cameras, speakers, and now, speech recognition with the capability of converting audio speech into digital data. I'm speaking of Samsung's smart TV that has the ability to listen in and send everything you say down the wire to others via the Internet.

As far fetched as it may sound, this is only be beginning. Read it for yourself!

The potential privacy intrusion of voice-activated services is massive. Samsung, which makes a series of Internet connected TVs, has a supplementary privacy policy covering its Smart TVs which includes the following section on voice recognition (emphasis mine):

You can control your SmartTV, and use many of its features, with voice commands. If you enable Voice Recognition, you can interact with your Smart TV using your voice. To provide you the Voice Recognition feature, some voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service that converts speech to text or to the extent necessary to provide the Voice Recognition features to you. In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition. (read it!)

Here's another headline, oddly enough from CNN: The camera in your TV is watching you.

I first became aware of this issue when reading a news item some years ago that told of China holding some kind of hack class among young teenagers where they were given an education on hacking. One of the projects was to hack the camera in an Internet-connected television.

Today's high-end televisions are almost all equipped with "smart" PC-like features, including Internet connectivity, apps, microphones and cameras. But a recently discovered security hole in some Samsung Smart TVs shows that many of those bells and whistles aren't ready for prime time.

The flaws in Samsung Smart TVs, which have now been patched, enabled hackers to remotely turn on the TVs' built-in cameras without leaving any trace of it on the screen. While you're watching TV, a hacker anywhere around the world could have been watching you. Hackers also could have easily rerouted an unsuspecting user to a malicious website to steal bank account information. (read it!)

Another story, published as far back as December, 2012, speaks of the same kind of vulnerability:

Smart TVs, particularly Samsung’s (005930) last few generations of flat screens, can be hacked to give attackers remote access according to a security startup called ReVuln. The company says it discovered a “zero-day exploit” that hackers could potentially use to perform malicious activities that range from stealing accounts linked through apps to using built-in webcams and microphones to spy on unsuspecting couch potatoes. Don’t panic just yet, though. In order for the exploit to be activated, a hacker needs to plug a USB drive loaded with malicious software into the actual TV to bypass the Linux-based OS/firmware on Samsung’s Smart TVs. But, if a hacker were to pull that off, every piece of data stored on a Smart TV could theoretically be retrieved.

As if the possibility of someone stealing your information and spying on you isn’t scary enough, according to ComputerWorld, “it is also possible to copy the configuration of a TV’s remote control, which would allow a hacker to copy the remote control’s settings, and remotely change the channel.” (read it)

Not sure I want a smart TV because it sounds pretty dumb to me.

Al Colombo


For the serious researcher:
ToganX.Info

Copyright©2014/Allan B. Colombo
www.alcolombo.us / al_colombo@hotmail.com
(Permission is given to republish blog posts providing
my contact information and copyright notice are included.)

Subscribe

Be sure not to miss each and every blog comment by subscribing to my email service. Every time I publish a comment or an update, you will be the first to know. To sign up, enter your email address in the email subscription box on the top right of this page. Thank you!

Where and how to follow Al Colombo via TpromoCom:

To contact Al Colombo, click here.

Monday, June 2, 2014

Maybe Having a Smart Home Isn't all That Smart

<<---------- Scroll down for news. ---------->>

"Network World - A year ago, people were mostly talking about the potential of the Internet of Things (IoT) — what companies and government entities might do in the future to take advantage of this widespread network of connected objects" (The Internet of Things gets real, Network World, http://bit.ly/1n6ntuC).

The fact is, people were talking about the Internet of Things (IoT) long before a year ago. In the mid- to late-1990s, for example, I was writing about this form of connectivity between machine and service provider/owner in the magazine I worked for as an associate editor (Security Distributing & Marketing).

Internet-Connected Appliances

One of the applications to which IoT lends itself well is that of maintenance updates to a variety of companies with regards to the equipment they sell. Examples include the following:
  • Refrigerators
  • Heating Plants
  • Air Conditioning Units
  • Washing Machines
  • Cloths Dryers
  • Conventional and Microwave Ovens
  • Chillers
  • Electrical Systems
  • Smart Electric Meters
..to name only a few.

A good example of what could take place when your conventional oven develops a problem is that an update of the situation is sent to either the manufacturer or the maintenance company of record over one of the in-house broadband connections. The update would provide important ID information that enables the company to generate a call ticket. You would then be notified of the problem and given an opportunity to have a repairman come to your home or business to fix it.

Back in the 90's, there was talk of including some type of infrared scanning system that would be capable of inventorying all of the foods you keep in your refrigerator. When you are running low, a notice would be sent to you in email, providing you with a shopping list of needs for your use. Or, at the same time, this list could be periodically generated and sent to the grocery store of choice for delivery to the home.

The Danger of Connected Appliances

In the 90's, when we thought of Internet-connected appliances, we thought in terms of Category 5E or Category 5e cabling. Today, all of these devices will connect to the Internet through the WiFi system in our homes and businesses.

Well, other than being irradiated by more radio waves banging around the house, we will come to the stage where your refrigerator can be hacked. We know our computers can be hacked. Recent news stories have revealed that chain stores, banks and the government can be hacked. Cellphones can be hacked, which by the way we pointed out to our readers several years ago. So now we approach the time when your Internet-connected house can be hacked. It seems silly, of course, but the reality is, if your freezer or furnace can be reached through the Internet, it may be that the device you use to control them can be hacked. Which means, as we extend this thought into total paranoia, your passwords could be as vulnerable to a meltdown as your freezer. Will hackers soon be eyeing your fridge?

As most of you know, one of the ploys used by hackers is to get you to respond to an email by clicking on a link or simply replying to an offer. The ensuing information, especially where you reply, carries valuable information that tells the hackers exactly where you are in terms of the World Wide Web. It provides the exact IP address so they can work to enter your home via the network.

Although service providers are not apt to give out your IP to those they do not know, as well to those who have no business having it, this kind of information can fall into the wrong hands by a variety of ways. Any one of these signals can draw the attention of hackers, and even though you may not think this could be destructive, think again.

Hacking Your Appliances

With all the data flowing in and out of your home between the various appliances and those responsible for their on-line care, it's even more likely that hackers can find their way to your home. Once they enter the network through your heat pump, it's possible to penetrate other devices on your network, including your computer.

For example, a hacker who gains access to your furnace could reprogram it. They might change the set points--which is the temperature it comes on and goes off. They might even alter the safety controls that safeguard your home from fire.

Hackers could also enter your refrigerator, perhaps turning it off, adjusting the temperature so it freezes all the food, or they might cause some other combination of undesirable events to take place. At the very least, they would have a complete list of everything you have in it.

Would you allow a stranger off the street to open your front door, walk in, and open your refrigerator door? I didn't think so.


For personal security information and products,
visit www.OhioHootOwl.com.

Copyright©2014/Allan B. Colombo
www.alcolombo.us / al_colombo@hotmail.com
(Permission is given to republish blog posts providing
my contact information and copyright notice are included.)

Subscribe

Be sure not to miss each and every blog comment by subscribing to my email service. Every time I publish a comment or an update, you will be the first to know. To sign up, enter your email address in the email subscription box on the top right of this page. Thank you! To contact Al Colombo, click here.