Badly configured home automation systems are easy to locate using Google, and once you discover them, you can seize control of a stranger's entire home: "lights, hot tubs, fans, televisions, water pumps, garage doors, cameras, and other devices." The manufacturers blame their customers for not following security advice, but even "enthusiast" customers who think they've locked down their networks are sometimes in for a nasty surprise.
Read the rest
Insteon chief information officer Mike Nunes says the systems that I’m seeing online are from a product discontinued in the last year. He blamed user error for the appearance in search results, saying the older product was not originally intended for remote access, and to set this up required some savvy on the users’ part. The devices had come with an instruction manual telling users how to put the devices online which strongly advised them to add a username and password to the system. (But, really, who reads instruction manuals closely?)
“This would require the user to have chosen to publish a link (IP address) to the Internet AND for them to have not set a username and password,” says Nunes. I told Nunes that requiring a username/password by default is good security-by-design to protect people from making a mistake like this. “It did not require it by default, but it supported it and encouraged it,” he replied.
In Thomas Hatley’s case, he created a website that acted as the gateway for a number of services for his home. There is a password on his website, but you can circumvent that by going straight to the Insteon port, which was not password protected.
Here's a $149 gadget that you can mount over a door's deadbolt so you can turn the knob via your iphone.
Lockitron is an attachment you can place on the back of any deadbolt lock in your house that allows you to lock and unlock it remotely via your smartphone. Better than that, if you have your iPhone 5 in your pocket when you approach a Lockitron deadbolt, you don’t have to even have to use your iPhone because it will detect you via Bluetooth 4.0 and unlock automatically.
You can share access to your lock with friends and family so that if you’re not at your house and want to let them in you don’t have to worry about getting them an extra key. The sharing access feature makes it perfect for Airbnb customers.
If you've never used IFTTT before, give it a try. There are currently 50 "channels" on IFTTT, with everything from Twitter and Facebook to ESPN and weather. You create "recipes" that perform a certain action if a specific trigger is met. For example, I use a recipe that tweets the URL of every post that I write on TUAW from my Twitter account.
What does this have to do with WeMo? Well, there are IFTTT channels for the WeMo motion detector and switch. This opens up all sorts of possibilities. Say you want to receive a text message whenever your cat uses the litter pan. You set up a motion detector next to the litter pan, and every time el gato feels the need to go, you get tweeted.
There are even wilder things you can set up. Plug a fan into a WeMo switch, then set up an IFTTT recipe to turn the fan on if the local outside temperature goes above 85° F (I tried this -- it works). Have IFTTT call you whenever someone enters the house (it works). And if you want to shut that fan off, you can either write another recipe or just use the WeMo app to shut it off remotely.
Read Sande's complete review: Belkin's WeMo: iPhone-based home automation with a taste of IFTTT Read the rest