Skip to main content
  1. Home
  2. Smart Home
  3. News

U of Michigan, Microsoft researchers question whether a smart home is a safe home

By

The homes of the 21st century may be smarter than ever, but is that synonymous with safety? The rise of the Internet of Things has given way to a hyperconnected household, where everything from our lights to our sprinkler system to our oven can be controlled by a single hub. Unfortunately, however, this convenience may come at a serious cost. 

New research published by researchers at the University of Michigan and Microsoft sheds new light on the vulnerabilities presented by a smart home platform, offering an alarming look at how seemingly helpful devices could open up a backdoor for malicious hackers and criminals looking to turn everyday objects into outlets for hijacking. Specifically examining Samsung SmartThings, the research team drew two major conclusions. First, that while “SmartThings implements a privilege separation model … SmartApps can be overprivileged,” which is to say that these apps can “gain access to more operations on devices than their functionality requires.”

Recommended Videos

Second, the team says, “the SmartThings event subsystem, which devices use to communicate asynchronously with SmartApps via events, does not sufficiently protect events that carry sensitive information such as lock pincodes.” The implications behind these two findings could lead to a number of different attacks, including secretly planting door lock codes, stealing existing door lock codes, or inducing a fake fire alarm. Taken together or separately, each of these attacks could lead to major consequences for smart home owners.

Please enable Javascript to view this content

While the team admits that many of the vulnerabilities they found would take quite a bit of expertise to exploit, the opportunity remains relevant for experienced hackers. And given how much trust we’ve placed in some of these smart home systems, allowing them to lock and unlock our doors, turn off key appliances, and more, caution is key. “If these apps are controlling nonessential things like window shades, I’d be fine with that. But users need to consider whether they’re giving up control of safety-critical devices,” says Earlence Fernandes of the University of Michigan.

Ultimately, experts say, “These software platforms are relatively new. Using them as a hobby is one thing, but they’re not there yet in terms of sensitive tasks. As a homeowner thinking of deploying them, you should consider the worst-case scenario, where a remote hacker has the same capabilities you do, and see if those risks are acceptable.”

Editors’ Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Google’s Gemini AI can now control your smart home devices
The Google Nest Learning Thermostat in stainless steel.

After spending a bit of time in Public Preview, Google is rolling out its Google Home extension for the Gemini app to everyone. This will allow you to control smart home devices using Gemini, including tasks like turning on smart lights, checking your smart thermostat, or adjusting the volume on your speakers.

The Google Home Extension will be rolling out over the next few weeks, and once you've made the update, any compatible devices synced to your Google account will be accessible via Gemini. If you try using commands in the Gemini app that aren’t supported, your smartphone will automatically launch the Google Home app to complete the command (such as accessing camera actions and smart lock features).

Read more
Samsung SmartThings appliances will soon work as motion sensors
A diagram showing how SmartThings will use ambient sensing.

Samsung recently held its highly anticipated Unpacked 2025 event, pulling back the curtain on the Galaxy S25 smartphone lineup. The event wasn't all about phones, however, as we also learned about plans to turn SmartThings appliances into motion sensors. Driving the change is Home AI -- a feature that’ll gather insights from your daily habits to build personalized experiences to create a smarter smart home.

Planned to roll out through 2025 and into 2026, Home AI is bringing ambient sensing to a variety of SmartThings devices. Doing this will allow the platform to understand how it can better serve you, as it’ll monitor activities like cooking, exercising, and sleeping to gather important details about your lifestyle.

Read more
Hatch Restore 3 vs. Hatch Restore 2: what’s new on this updated smart alarm clock?
The Hatch Restore 2 on a nightstand.

The Hatch Restore 3 is a wonderful bedside companion. Its primary function is that of a smart alarm clock, but it’s also capable of playing music to help you unwind at night and simulating the sunrise to ease you into the morning. Our Hatch Restore 3 review found it to be one of the best smart alarms on the market -- but how does it compare to the outgoing Hatch Restore 2? More specifically, should current Hatch Restore 2 owners feel obligated to upgrade?

Here's a closer look at the Hatch Restore 3 and Hatch Restore 2 to help you decide if the newer model is worth the investment.
Pricing and availability

Read more