Internet of Things

Report: Internet of Things Devices Have ‘Alarmingly High’ Number of Attack Vulnerabilities

We'll keep our appliances dumb, thanks.
Womp womp. (Facebook)

Womp womp. (Facebook)

Thinking of outfitting your home with some snazzy smart devices? Perhaps it’s time to think again — and no, not just because those smart thermostats might not actually detect smoke.

After analyzing 10 of the most popular Internet of Things devices, HP found them to contain an “alarmingly high average number of vulnerabilities per device,” according to a recent report. The vulnerabilities, they wrote, “ranged from Heartbleed to Denial of Service to weak passwords to cross-site scripting.” Oh, joy.

The report doesn’t specify exactly which products were tested, but it says the devices came from manufacturers of “TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers.” So, everything, basically.

Here are some of the report’s more specific findings:

  • 80 percent of devices raised privacy concerns, particularly because users’ personal information is transmitted unencrypted between cloud services, mobile apps and the devices themselves. “Users are one network misconfiguration away
    from exposing this data to the world via wireless networks,” the report says.
  • 70 percent failed to encrypt the transmission of information to the Internet and local network
  • 60 percent failed to encrypt the downloading of new software
  • 80 percent of devices failed to require passwords of sufficient strength

The Internet of Things will comprise be comprised of 26 million units by 2020, the report says. It urges companies to review their devices potential security flaws before the technology becomes more widespread.

Or, we could all just move out to cabins in the woods and never use electricity again.

[h/t the Telegraph]

Follow Jordyn Taylor on Twitter or via RSS. jtaylor@observer.com