back to article Samsung tightens smart home kit security after curious bods prod apps

Samsung has said there's nothing for owners of its SmartThings home security gear to worry about – after researchers showed numerous ways to commandeer devices and disable locks. The three researchers from the University of Michigan, who were partially sponsored by Microsoft, have demonstrated that with the help of malicious …

Silver badge
Devil

"The potential vulnerabilities disclosed in the report are primarily dependent on two scenarios – the installation of a malicious SmartApp or the failure of third party developers to follow SmartThings guidelines on how to keep their code secure"

Yep, app stores have shown exactly how easy is to keep malicious apps outside!

4
0

All IoT manufacturers seem to follow a similar development cycle.

1) Imagine semi-useless device

2) Rush to market with minimal development and zero consideration for security.

3) Wait for researchers to poke holes in it everywhere.

4) Patch the most obvious flaws while no doubt leaving major issues behind.

7
0
Silver badge
FAIL

Re: All IoT manufacturers seem to follow a similar development cycle.

Nope wrong:

1) Imagine semi-useless device

2) Rush to market with minimal development and zero consideration for security.

3) Wait for researchers to poke holes in it everywhere

4) Ignore security issues and claim they are features for ease of use.

1
0

I said it before ...

Insecure

Default

Internet

of

Things

1
0

As a SmartThings owner ...

SmartThings can barely be relied upon to turn your lights on when motion is detected, I wouldn't trust it to unlock my door (or *not* unlock it!) let alone as my fire/burger alarm.

0
0

Wait

Are you telling me an IoT manufacturer actually fixed a security issue?

I don't believe it.

1
0
Thumb Up

Buy Brands not Devices

I think it is important to purchase products from Brands who have a lot to lose if their security and privacy is not up to scratch. We saw that a flaw was identified with the Ring Video Doorbell had a loophole which allowed hackers to access the wifi network. The Ring company was able to fix the flaw within 24 hours of been notified. Samsung and their ilk are incentivized to protect their brand and the multi billion IoT industry. I guess on top of this... everyone should be double checking permissions for any smart home application that they download.

I blog about these issues on my site http://smarthomesage.com/

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017