The security of your smart home doesn't just depend on the lock on your door or cameras in the yard. It also includes how securely smart devices connect to each other, to your phone, your Wi-Fi network, and the cloud.
To help consumers better understand the various strengths and weaknesses of each smart home device, a team of cybersecurity experts have created the YourThings Scorecards.
- How to create a $170 smart home security system in a budget
- 5 questions to ask before buying a smart home security system
- Cybersecurity of children's smartwatch was 'a train wreck', experts said
Currently, 45 popular smart home devices have been tested and awarded their scores, with more to come. These include products from Amazon, Google and Apple, plus those made by Belkin, Bose, Insteon, Nest Philips, Ring, Sonos, TP-Link, Wink and more.
Each product is accessed on the security of the device itself, but also the companion smartphone app it interacts with, its cloud service, and the security of its connection with your home network. Each aspect is given a percentage and a grade ranging from A to F. You can read about the team's full methodology here.
When looking at the device itself, Nest Guard comes out on top, followed by the Logitech Logi Circle. Third is the Nest Cam IQ and fourth is awarded to the Nest Camera. The speaker Canary smart security system rounds out the top five.
Nest devices scored highlyGoogle Nest
High-profile devices to perform poorly included the Amazon Echo. Despite scoring a B for device security, the smart speaker was awarded an F for its mobile app security, a D for cloud security and a C for the strength of its network security.
Very few devices performed well across the board, apart from the Canary security system, which earned the grades of A, A, B and A. Instead, many saw a great variation in the strengths of different aspects of their security. For example, the Apple HomePod smart speaker scored B, A, F, B, with the lowest score given for its cloud connection.
Both Google's Home and Home Mini smart speakers earned identical scores of C, D, A and F, with networking security letting the smart speakers down. The Sonos networked music system also performed more poorly than buyers might expect, with scores of D, D, A and F — as with Google Home, it was networking security which let Sonos down.
Another high profile poor performer was the August Doorbell Cam, which scored grades of C, D, F and F. The LIFX smart lighting system also struggled, with grades of D, D, C and D, while rival Philips Hue scored A, D, A and C. Both systems scored a D for their mobile app security.
Although scoring very highly for device security, all Nest devices scored 61.54 percent (a D grade) for their mobile app. Low scores here are awarded when an attacker is able to extract private information or security keys from the app, then use these to gain access to the device or its cloud service. Low scores are also given when an app asks for too much information from the user, then doesn't store it securely enough.
The team of experts behind the YourThings Scorecards is made up of Omar Alrawi, a computer engineering Ph.D. student, Chaz Lever, a research scientist and Manos Antonakakis, an assistant professor in the school of electrical and computer engineering, all at Georgia Tech, as well as Fabian Monrose, a professor of computer science at the University of North Carolina.
For now, the team admit there are limitations in what devices they can test. Devices must communicate over an IP network to comply with their test procedure, so devices which rely solely on low-energy protocols like Bluetooth, ZigBee and Z-Wave cannot currently be evaluated in the team's lab.
But this is still big step in the right direction for smart home security, and consumer understanding of how safe these products really are. We hope this grading system will eventually lead to an industry-wide standard which must be met before Internet of Things and smart home devices can be sold to the public.
The 5 Best Questions To Ask Before Buying Security Cameras - GearBrain www.youtube.com