Thread: MW spies, you fell for it?
View Single Post
  #21 (permalink)   Report Post  
Posted to rec.food.cooking
lucretia lucretia is offline
external usenet poster
  
Posts: 212
Default MW spies, you fell for it?
On Sun, 25 Jun 2017 12:31:55 -0600, U.S. Janet B. >
wrote:

>
>Here's the real time stuff from Snopes
>
>http://www.snopes.com/2017/03/13/kel...rowave-spying/
>
>Janet US

This was the avast email = I think his explanation was interesting and
likewise his caution at the end. The microwave bit was just a jazzy
headline to the article.

Jas Dhaliwal, 27 April 2017

Dismissing IoT device threats in the “internet of everything” world is
easy. But privacy and personal data loss isn’t science fiction, so
don’t fall victim.

I confess, I am drawn to any device that promises to make my life
easier. My first experience with what we now call the Internet of
Things (IoT) was a few years ago, when I bought a number of
internet-connected lightbulbs. The feeling I had turning on my
bedroom lights with just a tap on my phone was nothing less than sheer
joy. I was hooked.

Over time, I introduced more connected devices into my home. My
thermostat now automatically adjusts the heating or cooling based on
the outside temperature. I can summon any song just by speaking into
the Wi-Fi speaker in my kitchen.

In short, I feel like I’m living in the house of the future, today!
These connected devices have made my life, and many people’s lives,
easier (and, let’s face it, cooler).

But nothing comes without a price. So how much are we paying for all
this convenience? Is it too much? And how much are we willing to pay?
Things are more vulnerable than we think

Most of us, even a tech-geek like me, dread having to update our
computers and phones. What we often forget, or don’t realize, is that
most software updates aren’t an inconvenience – they’re meant to help
us. Updates fix bugs in the software, including important security
holes, to protect our devices and our information. Despite the
inconvenience, regular updates aren’t just good, they’re vital. Think
of them as booster shots, developed to combat a constantly evolving
array of potential threats created by unscrupulous people who are very
motivated to “cyber” profit from others’ lack of diligence.

But in a world of connected everything, how easy – or available – will
these necessary updates be when they’re for toasters, or
refrigerators? If my future dream refrigerator will know when I’m low
on milk, apples, and mustard, then order them for me, using the credit
card in its memory, will its manufacturer and engineers be diligent
about ensuring hackers can’t simply reverse engineer the software,
find bugs, and exploit them? Will they have that level of security
expertise, and the resources to stay ahead of vulnerabilities that
could expose my personal information to thieves?

We could soon be living in homes that constantly collect knowledge
about everything we do – what we watch, what we eat, when we sleep,
how long we’re at home, what we talk about.

Precisely because connected device manufacturers know they cannot
provide this level of security, they tend to downplay the range of
possible privacy risks. We’ve all gotten a good laugh at the idea of a
“microwave spy,” and to be fair, this particular type of appliance is
(at least for now) rare. But really, what dangers could, say, a
connected printer and a connected refrigerator pose to each other, or
their owner?

Quite a few, as it turns out. And not minor ones.

Last fall, malware known as “Mirai” compromised IoT devices, such as
microwaves and house lights whose factory default usernames and
passwords were still stored in their memories. Unlike with most
computers, these embedded details are at worst permanently hard-coded
into the devices and at best not easily changed. Once it had infected
the devices, the Mirai malware instructed them to send a Distributed
Denial of Service (DDoS) attack against the internet, causing many
websites to be unavailable. In short, the malware exposed device data
and used it to remotely control them, right under their owners’ noses.
Does IoT stand for end of privacy?

As if having your “internet of everything” devices turned into
malicious cyber robots isn’t bad enough, you’d be utterly amazed to
discover the extent of your personal life and information hackers can
get their hands on through security monitors, music systems, and
document storage devices.

All this convenience doesn’t come for free. Vulnerable devices
open the door to hackers who want to steal the data from our devices
and sell it to the highest bidder.

Avast’s own researchers have found vulnerabilities that can be
exploited to give unauthorised access to baby monitors. As a quick
Google search on “strangers talking through baby monitors” shows,
security incidents involving these devices, in which strangers were
able to connect directly with children, are far from rare. Considering
these monitors were designed to give parents peace of mind, their
manipulation for such horrifying ends, if they aren’t secured
properly, is particularly ironic.

As more IoT devices enter the market and our homes, cars, offices, we
become more vulnerable to attack. The more connected devices out
there, the more possible attack vectors for intruders and thieves. We
could soon be living in homes that constantly collect knowledge about
everything we do – what we watch, what we eat, when we sleep, how long
we’re at home, what we talk about.

All this convenience doesn’t come for free. Vulnerable devices open
the door to hackers who want to steal the data from our devices and
sell it to the highest bidder. They increase the likelihood that
hackers could take over our cameras, garage door openers, alarm
systems – anything “smart.” Or how about ransomware? We’ve all heard
how it can infect computers. Now imagine it can be used to “lock”
access to every appliance or system in your home, unless you pay the
ransom. What recently seemed like science fiction isn’t so
far-fetched, anymore.
Top 5 steps for using IoT devices safely

While all these possibilities can be overwhelming, and threats – as
will devices – will continue to evolve, you can minimize potential
dangers while still enjoying the benefits of connected devices. Just
follow these few simple steps:

Read the terms and conditions. Yes, they can be tedious, but this
will help you understand what data the device will collect and how it
might be shared.
Go through the set-up process carefully. When installing a new
device in your home, take the time to understand which features are
enabled or disabled by default.
Change the default username and password. Choose something secure
that you’ll remember.
If the device has a software app, keep it updated on all your
devices. Find out if these updates also contain security updates. If
there is no way to update the device, consider that a red flag and
think twice about your purchase.
Invest in a home network security solution that can discover and
protect your smart devices. If one of your devices is ever
compromised, your network needs to be able to quarantine it to protect
the rest of your “smart” stuff .

Connected devices can be convenient, not to mention just plain cool.
But before buying or connecting one, consider the implications of how
they connect to the internet, how (and whether) their software is kept
updated, and what happens if the vendor stops supporting the product.
Don’t let your next dream convenience turn into a nightmare.

Reply With QuoteReply With Quote