Tag Archives: IoT

UK Government Consults on IoT Security



The UK Government’s Department for Digital, Culture, Media & Sport (aka Ministry of Fun) has announced plans to introduce new laws governing internet-connected devices, i.e. Internet of Things.

Given that there have been some high-profile instances involving connected toys and cameras, this is welcome news. In a perfect world, users should be educated in the basics of IT security such as changing the default password, but sadly it’s case of getting a gadget out of the box and setup as fast as possible.

The Government is consulting on a “Secure by Design” initiative which intends for basic cyber security features to be built into products and for consumers to get better information on how secure the devices are.

Much like food packaging or the energy ratings on white goods, the Government is proposing a mandatory labelling scheme that states the security level of the gadget. Only goods with the applicable “IoT” label could be legally sold in the UK.

The consultation proposes three essential requirements for internet-connected gadgets.

  1. Device passwords must be unique without any standard factory setting
  2. The minimum duration for which the device will receive security updates must explicitly stated
  3. A public point of contact as part of a vulnerability disclosure policy must be given

Point 3 isn’t directly for consumers but rather for security researchers who will be able to directly contact organisations about security issues. All of these points will be a significant deterrent to the “cheap’n’cheerful” IoT gadgets that typically come in from China with zero support.

Overall, this is a very welcome consultation and I would encourage readers to review the proposals and feedback on the options. This is very much about protecting ourselves and our families and reducing the risk of being hacked. For too long, manufacturers have got away with having little responsibility for their devices after they’ve been bought and these ideas address that balance.

If you want to know more on the consultation and comment on the proposals, it’s over here.

Photo by Dan LeFebvre on Unsplash.


iOS 10 To Come With HomeKit Controller App



HomeKit LogoThe so-called Internet of Things is bringing more and more connected devices into our lives. And as the market for these smart gadgets continues to expand, one question seems to be on everyones minds; How will all of these different products communicate with each other? Some manufacturers have developed their own proprietary products and tools to ensure their own devices will play nicely together. But what if you want smart lightbulbs made by Company X and a smart security system made by Company Y? Will it be necessary to have one “command center” on your network just for each company’s products?

Many companies have stepped into this arena to try and bridge the landscape of connected things. Apple announced its own solution, HomeKit, a few years ago. But there hasn’t been much movement on the HomeKit front since that announcement. Now, it looks like Apple may ship its first HomeKit controller app with the release of iOS 10 later this year. Curiously, this information was discovered in a comment left as part of an Amazon product review:

Word of the new app came from an Apple marketing employee commenting in Amazon product reviews. MacRumors verified the commenter’s identity, and that they were responsible for the comments.

“As I work in marketing for Apple, we test many Smart Home devices, especially for iOS HomeKit integration,” the person said. “The next version of iOS due this fall will have a standalone ‘HomeKit’ app as well.”

No word yet on how HomeKit will actually work but it’s good to know that real progress is (apparently) being made on the system.


Samsung SmartThings IoT System Vulnerable to Security Breaches



SmartThings logoThe Internet of Things and by extension, the connected home, is here. But is the world really ready for every facet of our daily lives to be connected to the internet? That smart toaster that notifies you via smartphone when your breakfast is ready might be a cool, convenient addition to your kitchen. But it’s a potential attack vector for hackers to breach your home network. And while it may be nothing more than a harmless prank for a hacker to reset your IoT-connected toaster to the “scorched earth” setting, the reality of this kind of security breach is much worse. Once an experienced hacker gets in thru the toaster, the home security system or front door lock could be their next targets.

That’s exactly what researchers discovered when testing out Samsung’s SmartThings IoT system of products. The test was conducted by computer scientists at the University of Michigan. What they found may come as shocking news to anyone considering outfitting a home with connected devices. The research team devised several exploits that worked against a SmartThing network by taking advantage of intrinsic flaws in the network’s design. One of the exploits was even able to extract the PIN from a connected door lock and send that PIN via text message to an outside recipient.

Most of the exploits were created by taking advantage of how Samsung’s SmartThings control apps interact with a network. Researchers were able to find multiple ways to intercept or redirect data being transmitted between these apps and the network. These processes made it possible to eventually gain entry to almost anything on the network.

It might be a good idea to hold off awhile on purchasing that shiny new SmartFridge. I suppose if you have only one device like this on your network, it could be OK. But once you’re adding door locks and security systems to your network, you’re potentially opening yourself up to these kinds of exploits.


NexPaq Modules Bring Versatility to IoT



NexPaq logoThe recent boom in smart, connected technology has given consumers more opportunities than ever before to command and control different devices. But if you want to bring the so-called “Internet of Things” into your home, you’re faced with potentially having to buy a small army’s worth of new devices to replace your old ones. What if there was a platform that allowed you to create your own IoT system using modules that could be configured to do almost anything? That’s what NexPaq is doing with its modular products.

Aylee met with Steve Safarowic, Chief Marking Officer of NexPaq. Steve showed off his company’s innovative system that uses modules to do specific things. First, he demonstrated a special smartphone case that interacts with the phone. Users can add modules to extend battery life or create programmable hotkeys to do certain tasks like turning on lights or making a phone call. NexPaq also has a standalone device that uses its modular system without a smartphone. NexPaq also has a developer kit that can be used to create new modules. Developers can even submit their modules to the NexPaq store where they could become available to sell to other NexPaq users. NexPaq smartphone cases and modules are available for purchase thru the NexPaq shop.

Aylee Nielsen is a video host who specializes in covering live events for Plughitz Live.

Support my CES 2018 Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$4.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast

CentraLite Smart Switch Talks to Smart LED Bulbs



CentraLite LogoThe Internet of Things is made up of several smart devices and appliances. The trick is to figure out what to do with this technology to make it work best for you in your home. CentraLite is “the man behind the curtain” that makes the IoT devices for a lot of companies that you have heard of.

Daniel spoke with Director of Marketing for CentraLite, Jason Whatley at CES 2016. CentraLite is an IoT device manufacturer. They make things like smart sensors, thermostats, in-wall switches, and more for companies you’ve heard of like Samsung’s SmartThings and Lowe’s Iris system. CentraLite has been making IoT devices since before there was an “internet of things”.

One of the devices CentraLite makes is a Smart Switch. It solves two problems that home owners who use Smart LED bulbs have. One problem is that turning off the Smart LED bulbs kills the power to those bulbs. The other problem is that there isn’t a convenient way to turn a Smart LED bulb on or off without pulling out your smartphone. The Smart Switch is a device that goes over an existing light switch in your home. It locks out the switch and provides dimming buttons that talk to the LED Smart bulbs.

Daniel J. Lewis dares you to get started in podcasting with The Audacity to Podcast.

Support my CES 2018 Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$4.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast