1. Smart Home

U of Michigan, Microsoft researchers question whether a smart home is a safe home

Lulu Chang
By

smart home safety 35 million pool
Sotheby's
The homes of the 21st century may be smarter than ever, but is that synonymous with safety? The rise of the Internet of Things has given way to a hyperconnected household, where everything from our lights to our sprinkler system to our oven can be controlled by a single hub. Unfortunately, however, this convenience may come at a serious cost. 

New research published by researchers at the University of Michigan and Microsoft sheds new light on the vulnerabilities presented by a smart home platform, offering an alarming look at how seemingly helpful devices could open up a backdoor for malicious hackers and criminals looking to turn everyday objects into outlets for hijacking. Specifically examining Samsung SmartThings, the research team drew two major conclusions. First, that while “SmartThings implements a privilege separation model … SmartApps can be overprivileged,” which is to say that these apps can “gain access to more operations on devices than their functionality requires.”

Second, the team says, “the SmartThings event subsystem, which devices use to communicate asynchronously with SmartApps via events, does not sufficiently protect events that carry sensitive information such as lock pincodes.” The implications behind these two findings could lead to a number of different attacks, including secretly planting door lock codes, stealing existing door lock codes, or inducing a fake fire alarm. Taken together or separately, each of these attacks could lead to major consequences for smart home owners.

While the team admits that many of the vulnerabilities they found would take quite a bit of expertise to exploit, the opportunity remains relevant for experienced hackers. And given how much trust we’ve placed in some of these smart home systems, allowing them to lock and unlock our doors, turn off key appliances, and more, caution is key. “If these apps are controlling nonessential things like window shades, I’d be fine with that. But users need to consider whether they’re giving up control of safety-critical devices,” says Earlence Fernandes of the University of Michigan.

Ultimately, experts say, “These software platforms are relatively new. Using them as a hobby is one thing, but they’re not there yet in terms of sensitive tasks. As a homeowner thinking of deploying them, you should consider the worst-case scenario, where a remote hacker has the same capabilities you do, and see if those risks are acceptable.”

Editors' Recommendations

The best video doorbells for 2021: Which should you buy for Cyber Monday?

A person pressing the Arlo Video Doorbell.

The best home security cameras for 2021: Which should you buy on Cyber Monday?

The best smart padlocks for 2021

Growth in the smart home will be fueled by these transformative trends

level fashions smallest smart lock ever made copy of iphone

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

Best Cyber Monday Security Camera Deals 2021: Early offers today

arlo drops hub pro 4 ultra 2 cameras image b

Best Cyber Monday Kindle Deals 2021: Early offers today

10th generation Kindle Oasis e-reader

Best Black Friday Keurig deals still happening today

Black Friday Keurig Deals 2021

Best Cyber Monday Smartwatch Deals 2021: Early offers today

apple-watch-series-6

Best Cyber Monday Keurig Deals 2021: Early offers today

early keurig coffee maker deals prime day 2020 k slim

Best Cyber Monday TV Deals 2021: Early offers you can shop now

best qled tv deals samsung q60 4k feature black friday

Best Black Friday air fryer deals still available today

best black friday air fryer deals dt production

LG C1 OLED TV just got a $200 price cut for Cyber Monday 2021

LG-C1-OLED-TV-Black-Friday-Feature in living room.