Skip to main content
  1. Home
  2. Smart Home
  3. News

U of Michigan, Microsoft researchers question whether a smart home is a safe home

Lulu Chang
By

smart home safety 35 million pool
Sotheby's
The homes of the 21st century may be smarter than ever, but is that synonymous with safety? The rise of the Internet of Things has given way to a hyperconnected household, where everything from our lights to our sprinkler system to our oven can be controlled by a single hub. Unfortunately, however, this convenience may come at a serious cost. 

New research published by researchers at the University of Michigan and Microsoft sheds new light on the vulnerabilities presented by a smart home platform, offering an alarming look at how seemingly helpful devices could open up a backdoor for malicious hackers and criminals looking to turn everyday objects into outlets for hijacking. Specifically examining Samsung SmartThings, the research team drew two major conclusions. First, that while “SmartThings implements a privilege separation model … SmartApps can be overprivileged,” which is to say that these apps can “gain access to more operations on devices than their functionality requires.”

Recommended Videos

Second, the team says, “the SmartThings event subsystem, which devices use to communicate asynchronously with SmartApps via events, does not sufficiently protect events that carry sensitive information such as lock pincodes.” The implications behind these two findings could lead to a number of different attacks, including secretly planting door lock codes, stealing existing door lock codes, or inducing a fake fire alarm. Taken together or separately, each of these attacks could lead to major consequences for smart home owners.

Related

While the team admits that many of the vulnerabilities they found would take quite a bit of expertise to exploit, the opportunity remains relevant for experienced hackers. And given how much trust we’ve placed in some of these smart home systems, allowing them to lock and unlock our doors, turn off key appliances, and more, caution is key. “If these apps are controlling nonessential things like window shades, I’d be fine with that. But users need to consider whether they’re giving up control of safety-critical devices,” says Earlence Fernandes of the University of Michigan.

Ultimately, experts say, “These software platforms are relatively new. Using them as a hobby is one thing, but they’re not there yet in terms of sensitive tasks. As a homeowner thinking of deploying them, you should consider the worst-case scenario, where a remote hacker has the same capabilities you do, and see if those risks are acceptable.”

Editors' Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Do Arlo Essential cameras require the Arlo Smart Hub?
An Arlo Smart Hub on a wooden table.

Arlo makes some of the most popular smart home cameras. They're reliable, easy to install, and supported by platforms such as Apple Home, Google Home, and Amazon Alexa. Many of its best devices fall into the Essential family, which includes the Essential XL, Essential 2K, Essential Indoor 2K, and Essential Video Doorbell.

Alongside these products, Arlo offers something known as a Smart Hub. This is available in two formats (Ultra Smart Hub and Pro Smart Hub), and both make it easy to connect your Arlo devices to the internet. But do you need an Arlo Smart Hub to use Arlo Essential cameras? Or can you get them online without purchasing the secondary hub?

Read more
Does Apple Home work on the Apple Vision Pro?
Apple Home opened with the Vision Pro Headset.

The Apple Vision Pro is the hottest VR headset of 2024, offering a powerful combination of virtual and augmented reality. Part of what makes it so compelling is its versatility, as it has support for a wide range of apps and the flexibility to use the gadget as you see fit. Apple Home even works on Apple Vision Pro, allowing you to manage your devices from the comfort of your headset.

Interested in checking out Apple Home on Apple Vision Pro? Here's a quick look at everything you need to know.

Read more
How to prevent your Ring smart camera from being hacked
Ring Indoor Cam on a table.

Ring smart cameras are remarkably popular. The lineup includes a variety of indoor and outdoor cameras as well as an industry-leading catalog of video doorbells. However, the cameras aren't without their faults. A few years ago, a class action lawsuit was filed claiming that Ring hadn't done enough to protect users from hackers -- allowing them to gain unpermitted access to video feeds.

Digital Trends reached out to Ring about these old hacking incidents. Here's what they had to say.

Read more