Remember the Hong Kong-based crapgadgeteer Vtech, who breached 6.3 million kids' data from a database whose security was jaw-droppingly poor (no salted hashes, no code-injection countermeasures, no SSL), who then lied and stalled after they were outed? They want to make home security devices that will know everything you say and do in your house.
Vtech's new "Internet of Things home security suite" debuted at CES in Las Vegas last week, featuring a range of sensors and devices. They're doing lightbulbs! Because the world needs more badly secured, proprietary lightbulbs! There's cameras and curtain sensors and door sensors and, well, everything a savvy voyeur or housebreaker or kidnapper would need to compromise to utterly destroy you, everything you own and everyone you love.
But don't worry, Vtech says this time, they'll get it right.
Asked if they were worried about another hack, Brian Tompkins, the company’s vice president of sales, said that for “any company that sells a product that’s cloud based, or internet-connected, there’s always a worry or a fear.”
But this time, VTech is “going through penetration tests by a third party and everything is going to be very secure,” added Chris Conrad, VTech’s product marketing director.
A spokesperson later confirmed to me that VTech is “currently working with a third party vendor to thoroughly test the security of all of our products,” to learn from last year’s hack. The spokesperson, however, declined to name who the vendor is and what kind of tests they’re performing.
Hacked Toy Company VTech: Let Us Monitor Your House [Lorenzo Franceschi-Bicchierai/Motherboard]