Smart home devices are a potential minefield of security problems. Some are open doors to viruses, some send our data, without our knowledge, to others locations. Pepper IoT's CEO Scott Ford calls this the "race to the bottom," he told GearBrain.
"If you think about the consumer grade connected devices available today, you have a layer of very well known and trusted brands, who have a reputation to maintain," Ford told GearBrain. But there is a race to the bottom, because many off shore companies are allowing access to their platforms for very low and no cost, allowing companies to put their devices into retail at very low prices."
- Stopping malware and hackers? Your broadband link is key
- McAfee tells us how secure our devices are at home
- Is our smart home growing more vulnerable to hacks?
Pepper IoT and Dark Cubed, a cybersecurity firm, looked at data coming from 12 smart devices they picked up from the shelves of big box stores including Best Buy, Walmart and even Amazon. Devices from Zmodo, Merkury and Guardzilla showed "scary security issues," according to the report, "The State of IoT Security."
Apps that controlled some of these devices also had security concerns, gaining permission to record audio, track someone's location, and even send all of that data to third-party companies, some even to IP addresses in foreign countries, including China.
In many cases retailers don't seem to understand how secure, or not secure, these device may be.Ultimately, said Pepper IoT, these issues can't be fixed with patches. Even worse, consumers can't really crack open their products and figure out if something is secure, and handling their data correctly, or not.
Ford believes retailers do have a responsibility to do more due diligence, to take responsibility of what they're offering consumers before they stock products on their shelves. Regulation, he believes, is also needed, with the government stepping in and protecting consumers.
"The idea of lightbulb or a smart plug or a video camera sending video or information to a foreign market is completely inappropriate," he said.