01 Aug 2014
Ten of the most popular IoT devices have been discovered to include “an alarmingly high average number of 50-60 vulnerabilities per device”, according to an HP research.
The company analyzed ten of the most used personal and home devices including TVs, webcams, home thermostats, remote power outlets, hubs for controlling multiple devices, door locks, home alarms and garage door openers.
It seems six of out ten are vulnerable to security vulnerabilities due to weak passwords or cross-scripting errors. Eight out of ten failed to require strong, complex passwords and relied on insecure password recovery mechanisms.
What’s more, 90 per cent of them collected at least one piece of personal information through the device, the cloud or its mobile app. Also, seven of them are transmitting sensitive between the device and cloud and mobile app through an unencrypted network, exposing the user to man-in-the-middle attacks. Plus, 60 per cent did not use encryption when downloading software updates.
HP says that manufacturers are selling these products is because the demand high and makes several recommendations including implementing security standards before production.