"I resisted the Poltergeist-like temptation to turn the television on as well": Hacking a 'Smart Home'


Wed, Jul 31st, 2013 11:00 by capnasty NEWS

On Forbes, Kashmir Hill looks at how a simple Google search gave her access to a variety of 'smart homes' -- houses that use automation equipment accessible from the Internet -- easily turning on and off lights, unlock doors and even open garage doors.

Many of these products have smartphone apps and Web portals that let users operate devices, cameras, and locks from afar. Getting to live the Jetsons’ lifestyle has downsides though; as we bring the things in our homes onto the Internet, we run into the same kind of security concerns we have for any connected device: they could get hacked.

Googling a very simple phrase led me to a list of “smart homes” that had done something rather stupid. The homes all have an automation system from Insteon that allows remote control of their lights, hot tubs, fans, televisions, water pumps, garage doors, cameras, and other devices, so that their owners can turn these things on and off with a smartphone app or via the Web. The dumb thing? Their systems had been made crawl-able by search engines — meaning they show up in search results — and due to Insteon not requiring user names and passwords by default in a now-discontinued product, I was able to click on the links, giving me the ability to turn these people’s homes into haunted houses, energy-consumption nightmares, or even robbery targets. Opening a garage door could make a house ripe for actual physical intrusion.



You may also be interested in:

Space Elevators: "totally feasible and a really smart idea."
"New drugs [...] appear to vastly reduce the need for sleep without significant side effects."
Stephen Hawking's Guide on How To Build a Time Machine
"90% of British civil service workers have jobs so pointless, they could easily be replaced by robots."
Digital Doomsday: The End of Knowledge