Digital Trends
Smart Home

One hacker is ‘shocked’ at vulnerabilities in the Google Home Hub

Clayton Moore
By
google home hub review 1
Greg Mombert/Digital Trends

One of the hurdles to the adoption of smart speakers is the worry that the digital assistants they carry and their accompanying hardware are prone to invasion. Naturally, manufacturers say they’re perfectly safe. But this week, one popular hacker disagrees.

Jerry Gamblin created a detailed post this week that reveals some limited but potentially harmful weaknesses in the Google Home platform. The research revealed that at least until Google puts in a fix,  the Google Home Hub can be controlled remotely using an unsecured application program interface (API) that was originally discovered in Chromecasts.

Google says the API is there for setting up the device and does not expose user information, while its primary use is to communicate with other devices. But Gamblin clearly states that his hypothesis is that these weaknesses are well known to Google.

“I am genuinely shocked by how poor the overall security of these devices are, even more so when you see that these endpoints have been known for years are relatively well documented,” he writes. “I usually would have worked directly with Google to report these issues if they had not previously disclosed, but due to the sheer amount of prior work online and committed code in their own codebase, it is obvious they know.”

The hack isn’t all-inclusive to commands for the Google Home Hub but it’s definitely a security risk. The commands that Gamblin details could enable anyone to restart the entire Home Hub, delete the currently configured wireless network or disable notifications, such as those attached to safety devices like locks and alarms.

Android Authority reached out to Google, which said:

“All Google Home devices are designed with user security and privacy top of mind and use a hardware-protected boot mechanism to ensure that only Google-authenticated code is used on the device. In addition, any communication carrying user information is authenticated and encrypted.

A recent claim about security on Google Home Hub is inaccurate. The APIs mentioned in this claim are used by mobile apps to configure the device and are only accessible when those apps and the Google Home device are on the same Wi-Fi network. Despite what has been claimed, there is no evidence that user information is at risk.”

So basically, Google is confirming what Gamblin claims, but is warning people to keep their home network from being compromised.

Editors' Recommendations

Don't Miss

Palm: Stand-alone or connected, here's everything you need to know
Up Next

Who’s Bugdroid? Meet the cute mascot of Android
The Asteroid Mining Corporation
Emerging Tech

The U.K.’s biggest (and only) asteroid mining company has designs on our skies

Is the founder and CEO of the U.K.'s Asteroid Mining Corporation going to be among the first people to strike it rich in space, or is he just chasing an ambitious but doomed mirage?
Posted By Luke Dormehl
Nest Cam IQ Indoor review
Smart Home

Google fixes Nest camera bug that allowed old owners to still see through them

The previous owner of a Nest Cam Indoor discovered that he was still able to access images from the device, even after a factory reset. Google has said that it has fixed the problem.
Posted By Aaron Mamiit
Mobile

A library at your fingertips: The best free Kindle books

Reading shouldn't be an expensive hobby. Here, we've put together a list of some of the better free offerings currently available for Kindle devices, so you don't have to sort through thousands of titles on Amazon and Google Play.
Posted By Simon Hill
ouya console front angle
Gaming

Google’s Stadia is about to unleash a wave of terrible cloud gaming consoles

Google's Stadia will bring 4K HDR gaming to any device that can run Google Chrome. That's great for gamers, but the ease of building a Stadia compatible device will open the floodgates for bad cloud gaming consoles.
Posted By Matthew S. Smith
best vacuums shark navigator liftawaypro
Smart Home

Getting down to the nitty-gritty: The best vacuums you can buy

Our expert reviewers took some vacuum cleaners for a spin to see which worked best. Whether you're looking for a traditional upright, stick, or robot vacuum, check out our picks for the best vacuums on the market.
Posted By Erika Rawes
walmart price cuts on dyson cordless stick vacuums v8 animal vacuum cleaner2
Smart Home

Amazon has the best deal on the Dyson V8 Animal cordless vacuum right now

Amazon dropped its price for the Dyson V8 Animal Cordless Stick Vacuum more than it did for other Dyson V-series Animal models. The Dyson V8 Animal is the sweet spot in the lineup with features of later generations but the price of earlier…
Posted By Bruce Brown
home technology that will soon be obsolete light bulb thumb
News

This ridiculous GE video shows just how tough troubleshooting smart bulbs can be

A video instructing customers how to get through the 11-step process to factory reset a General Electric smart bulb shows just how ridiculous fixing some connected appliances can be. You have to turn the bulb off and on again...eleven…
Posted By Allison Matyus
best cheap vacuum deals
Deals

Suck up the savings with these vacuum cleaners on sale for $100 or less

Keeping your floors clean around the home is a constant chore. To help make things a whole lot easier, we've picked out some great vacuum cleaner deals available right now, from full-sized upright models to robot vacs.
Posted By Lucas Coll
Smart Home

The best oven ranges, whether you’re a chef or just need to heat up a pizza

Finding an oven that is right for you is hard. Whether you're a novice looking for an entry-level gas oven or a master chef looking to upgrade to the best, here are some of the best oven ranges available now.
Posted By Jenny McGrath, Erika Rawes
best dryer feature
Smart Home

Laundry taking forever? Dry your clothes faster with the best dryers of 2019

Dryers may be the afterthought when it comes to buying a laundry pair, but the best dryers should have key features that you want in your new appliance, whether it's sanitizing or energy efficiency.
Posted By Erika Rawes
amazon drops prices on arlo pro 2 outside security camera kits add 3
Smart Home

Hate messy wires? Check out the best wireless home security cameras

Home security cameras can give you piece of mind, but if they have wires, you are limited in where you can put them. We've rounded up the best battery-operated home security cameras to give you flexibility along with your security.
Posted By Tyler Lacoma, Erika Rawes
best buy black friday appliance deals ge gdt655smjes body
Smart Home

Dishwasher not draining or drying? These are the best dishwashers of 2019

Need a new dishwasher? Take a look at our picks of the four best dishwashers currently available, and get cleaner, dryer dishes in less time each day.
Posted By Kim Wetzel, Erika Rawes
Best home security cameras Alro Pro 2
Smart Home

Protect yourself with the best home security cameras of 2019

When it comes to the best home security cameras, the choice often comes down to the one that simply knows how to stay out of your way. Here are some of our favorites, both indoor and outdoor.
Posted By Gia Liu, Erika Rawes
Deals

Best cheap air conditioner deals for 2019: Frigidaire, LG, and more

Spring is in full swing and summer is on the way, and now is the time time to shop for some deals on air conditioning units. We rounded up a selection of the best deals on cheap air conditioners and dehumidifiers going right now.
Posted By Lucas Coll