Total Stranger Takes Control Of Smart House Due To Huge Security Flaw
Peter Donnell / 4 years ago
Having home automation systems can be cool, you’ve likely got the basics in place already to have such a system, a smart phone, tablet computer, PC, smart TV, games consoles and such can all be automated or control each other in one way or another. There is a $1.5 billion market out there for home automation and while turning over your TV with your phone is how it can all begin, the idea is to go a lot further, controlling your heating, lighting, garage doors, curtains and more by hooking them all up to a computer using relatively simple devices.
The big issue here of course isn’t when all this stuff works perfectly, it’s when someone realises that they can hack into the systems that automate your house and start turning it into a purchase you quickly regret, turning all your devices on and off, locking and unlocking entry points, setting your heating systems to silly numbers, putting Justin Beiber on at full volume and other such horrors.
Bryan Hatley is a tech enthusiast, he’s not a hacker, he doesn’t have extensive knowledge of computer security, or any security systems for that matter, he doesn’t have a degree in computer sciences, he’s just a guy who knows how to Google a few things, but he managed to hack someones house with relative ease.
He searched online for “smart homes” and found something very stupid indeed, these houses were being run by a system called Insteon and their automation system ran from a web page, a page where the home user could log in and change the settings of their house, but the pages were also showing up in search results, meaning ANYONE could access them and change your houses settings… oh dear, poor effort on the automation company or what!
The security flaw is now fixed but it does highlight how there can be major flaws in the systems many of us may take for granted. Fortunately for the user that was “hacked”, although I use that term lightly as Bryan was able to just stumble into the website and have some fun with it, but his intentions were not malicious and Bryan called the home owner to warn them about what had happened… likely after he has done turning his automated living room into a disco.
Thank you Newsclaimer for providing us with this information.
Image courtesy of Newsclaimer.