Internet
of things (IoT) can prevent you from many attacks but it doesn't keep you safe
from data privacy. This article explains some of these privacy issues and how
to fix them. Let's start by looking at the ways that IoT devices can violate
your privacy and how to avoid them.
1. IoT Home Hub
Devices Record Everything
Some
devices, like Google Home and Amazon Echo, constantly listen to their
surroundings. This ensures that they hear you when you say their
"keyword", which starts the audio recording.
Of
course, something that's always listening to you poses a privacy risk in and of
itself. It has been widely speculated that these devices always send the
recorded information home, even if the user has not activated it through their
password.
Although
this speculation is not based on the truth, it is a fact that home hub
operators receive private voice logs after the device mistakenly heard their
keyword. The BBC reported that Apple and Google have prevented their employees
from playing recordings of home centers. This was after the contractors
discovered they were listening to intimate moments that were mistakenly
recorded.
How
to fix IoT devices that always listen to you?
While
popular smart home hubs have checkboxes that you can select to not track your
voice, who knows what happens in the background? Imagine if a stranger was
involved in all of your discussions and you simply made him promise not to tell
anyone what you hear.
Therefore,
the best way to solve this IoT security problem is to not allow this to happen.
Don't buy smart devices with 24/7 listening capabilities (if possible). Devices
that are always listening are identifiable if they are marketed as
voice-activated, as they need constant monitoring to hear commands. You can
also use Internet
security software to protect your activity on internet
2. They Can Be Hacked
From The Outside
A
great advantage for IoT devices is their ability to receive commands from the
Internet. This allows users to control smart home devices from anywhere in the
world.
However,
this functionality is not perfect. While the smart home remote allows
independent location control and monitoring of your home, it also opens the
door for hackers to do the same. Hacking is one of the scariest privacy
concerns in IoT, as people all over the world can access your home uninvited.
It
seems something of science fiction, but unfortunately it is a reality. Trend
Micro claims that its software blocked 5 million hacking attempts on IoT
cameras, 75% of which were brute force attacks.
How
to solve IoT problems with remote hacking?
To
fix this, you need to set up a proper remote system that can keep hackers out.
Since hackers primarily use brute force techniques to break in, your system
must be strong enough to withstand a barrage of attempts and have a total
security software installed in your device
Protect
your account with a strong password and, if supported, use a two-factor
authentication device. Both will prevent a hacker from easily accessing your
home.
3. Devices Don't Use
Encryption
This
is a giant red flag for anyone who cares about their privacy. This means that
no effort has been made to encrypt them; anyone could analyze the packages and
extract their data.
How
to fix the lack of IoT encryption?
Use
only IoT devices that properly encrypt your data. The product is expected to
indicate its encryption type on the package or advertising. If not, it is a
good idea to play it safely and not buy it. At the very least, you can get it
and take care of the data you send; never use it for something you wouldn't
want someone else to see.
Another
option is to use the VPN encryption scheme on your network. Some routers allow
the user to set up a virtual private network or VPN on it. A VPN installed on a
router allows the user to encrypt and route all their traffic through a
third-party server. This would prevent any third party intruder from inspecting
the data transferred between the user and the endpoint.
4. IoT Devices Are Not
Updating Properly
Devices
that are under pressure from hacking attempts must be properly equipped with
the ability to receive patches. If an exploit is detected on a device, news can
spread rapidly across the Internet, putting all owners of that device at risk.
A
security patch is the best way to combat these flaws as they appear over time.
However, the world of IoT has some serious patching issues. Devices may have
very bare bones after launch or have no means to be patched. A device may have
the basis for security patches, but in the fast-paced world of IoT, the company
behind it may not work, leaving the device stuck with no updates.
How
to fix it?
Unfortunately,
there is no way to actively patch your IoT devices. Fortunately, you can take
your action by choosing reputable companies or looking for open source IoT
devices.
Relying
on a startup may mean that your lack of experience will lead to slower updates;
that is, if they do not fail. Larger companies will have more experience,
faster patch response times, and much less likely to duck.
5. Devices Use
Factory Default Passwords
A
simple or default password is the easiest way for hackers to crack devices.
Some companies will provide each device with an individual password to avoid
this flaw, but others will set the same password for all devices they create. If
users of these devices don't mind changing their password, hackers can learn
the factory default login information and test it on all the devices they can
find. They are expected to find some that still have the default credentials,
offering them unprecedented access to the device.
How
to fix it?
If
all purchased devices have a default password, change it immediately. Keeping
the old password is to leave the door open to all would-be hackers who know the
credentials of your particular device and install total
security to have full security on your device.
Improve IoT Security
The
IoT is currently rife with security holes, making it difficult to trust them
with your privacy. By taking some proper precautions, you can enjoy IoT devices
without handing over your data to hackers.
No comments:
Post a Comment