If an attacker takes control of a device inside your network -- by exploiting a defect in it or a mistake you made in configuring it or by tricking you somehow -- then they can do all kinds of bad things, like scanning your local network for other vulnerable devices, attacking them and taking control over them.
So, in a very real sense, security researchers can claim "A defect in $SOME_DEVICE allows attackers to take over $ANOTHER_DEVICE," and the latest version of this is that defects in your smart electric outlet are a stepping-stone to attacking your smart TV.
McAfee recently disclosed a defect in Belkin's Wemo Insight, an Internet of Things/smart electrical outlet.
McAfee's research points out that this could be use to attack your smart TV, though they admit this is just a colorful illustration (indeed, a defect in your smart TV could be used to attack your smart plug).
The bug underscores the primary risk posed by IoT devices and connected appliances. Because they are commonly built by bolting on network connectivity to existing appliances, many IoT devices have little in the way of built-in network security.
Even when security measures are added to the devices, the third-party hardware used to make the appliances "smart" can itself contain security flaws or bad configurations that leave the device vulnerable.
"IoT devices are frequently overlooked from a security perspective; this may be because many are used for seemingly innocuous purposes such as simple home automation," the McAfee researchers wrote.
Security MadLibs: Your IoT electrical outlet can now pwn your smart TV [Shaun Nichols/The Register]
(via Naked Capitalism)
We got one of these gadgets from The Lakeside Collection and it broke on the first use. It turns out the screw neck is made of the cheapest plastic known to man and is doomed to failure upon contact with anything harder than snow, such as ice, wipers, mirrors, roofracks, antennas, and so on. Worse, […]
It’s a very expensive wee gadget, the Teenage Engineering OP-1 [Amazon link; a used one from eBay is much cheaper]! Yuri Wong is an expert with its sampling and sequencing tools, and this video he uploaded is a fascinating illustration of how powerful and approachable they are. Download the mp3: https://gum.co/imadude [Logic Project download link […]
In the wake of this week's Motherboard scoop that the major US carriers sell customers' location data to marketing companies that sell it on to bounty hunters and other unsavory characters, Google has disclosed that they have told the carriers that supply service for its Google Fi mobile virtual network operator (MVNO) that they expect […]
These days, there isn’t much our iPhone camera can’t do – except feel like an actual phone. Despite years of steadily increasing resolution and image sensing technology, we’re still taking shots awkwardly with two hands, fumbling for the shutter button. Leave it to an avid photographer to design Shuttercase, a versatile iPhone case that solves […]
Still determined to keep those New Year’s health resolutions? If you’re going to stick with the exercise plan, it’s enough of a challenge to budget your time. No need for your financial budget to take a hit, too. Here’s a more convenient – and cheaper – alternative to a gym membership or Peloton bike: Two […]
Want a career in web design? It’s true that these days, most anyone can throw up a page or two. But for true workhorse web design, you’ll sometimes need to match the platform to the project. Enter the Complete Front-End Developer Bundle, an educational grand tour around the best tools for the web. For beginners, […]