JorgeA Posted January 29, 2016 Share Posted January 29, 2016 Not strictly IOT related, but "close enough":http://www.theinquirer.net/inquirer/news/2443276/wtf-lenovo-protects-your-backdoor-security-with-a-really-really-really-bad-passwordYou may want to take note of the statement by the good Lenovo guys:In a statement Lenovo did not apologise, but it did say that it would now start to follow industry standards for protecting people. (bolding/highlighting is mine) jaclaz Unbelievable. --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted February 1, 2016 Share Posted February 1, 2016 Here's another angle on the implications of the Internet of Things: New Technologies Give Government Ample Means to Track Suspects, Study Finds The products, ranging from “toasters to bedsheets, light bulbs, cameras, toothbrushes, door locks, cars, watches and other wearables,” will give the government increasing opportunities to track suspects and in many cases reconstruct communications and meetings. He noted that in the current stalemate there was little discussion of the “ever-expanding ‘Internet of things,’ where telemetry from teakettles, televisions and light bulbs might prove surprisingly, and worryingly, amenable to subpoena from governments around the world.” It boggles the mind to think that telemetry (hmm, where have we heard that word before?) from tea kettles or toothbrushes could be used to build a case against suspected enemies of the state. --JorgeA Link to comment Share on other sites More sharing options...
Tripredacus Posted February 2, 2016 Share Posted February 2, 2016 Why single out the government? It really gives an opportunity to anyone. Link to comment Share on other sites More sharing options...
Drugwash Posted February 2, 2016 Share Posted February 2, 2016 Because power comes hand in hand with paranoia, that 's why. Regular, normal people mind their own business, they don't stick their nose in someone else's lives because they don't have the knowledge, the technology and the spare time for that. And they usually have no reason either. Link to comment Share on other sites More sharing options...
JorgeA Posted February 3, 2016 Share Posted February 3, 2016 Why single out the government? It really gives an opportunity to anyone. That's what the report in the newspaper article focused on, although of course the same could also apply to private malicious hackers. --JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted February 9, 2016 Author Share Posted February 9, 2016 Well, it's OFFICIAL now:http://www.theguardian.com/technology/2016/feb/09/internet-of-things-smart-home-devices-government-surveillance-james-clapperIn an appearance at a Washington thinktank last month, the director of the National Security Agency, Adm Michael Rogers, said that it was time to consider making the home devices “more defensible”, but did not address the opportunities that increased numbers and even categories of connected devices provide to his surveillance agency.However, James Clapper, the US director of national intelligence, was more direct in testimony submitted to the Senate on Tuesday as part of an assessment of threats facing the United States.“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper said. jaclaz Link to comment Share on other sites More sharing options...
jaclaz Posted February 11, 2016 Author Share Posted February 11, 2016 (edited) VTECH has found a neat solution to security:http://www.troyhunt.com/2016/02/no-vtech-cannot-simply-absolve-itself.htmlchanging the Limitation of liability in there T&C (Terms and Conditions) to include:YOU ACKNOWLEDGE AND AGREE THAT ANY INFORMATION YOU SEND OR RECEIVE DURING YOUR USE OF THE SITE MAY NOT BE SECURE AND MAY BE INTERCEPTED OR LATER ACQUIRED BY UNAUTHORIZED PARTIES jaclaz Edited February 11, 2016 by jaclaz Link to comment Share on other sites More sharing options...
JorgeA Posted February 12, 2016 Share Posted February 12, 2016 Hackers take control of a TOILET Hikohiro Lin, head of the firm's product security team, revealed that potty-minded researchers managed to hack their way into a bluetooth-enabled Japanese toilet. These super-loos allow users to control various functions using a smartphone. But researchers found that one of these high-tech toilets was protected with only a basic password. This meant they could take control of the toilet, allowing them to flush it at an awkward moment or even surprise people by unexpectedly aiming a jet of water at their nether regions. For the life of me, I can't figure out why you'd want to control a toilet with your smartphone, but there you go... Merely the thought of installing an operating system on a commode just boggles the mind. Imagine the possibilities if it were Windows 10 IoT Core, phoning home. Do we really want to be that connected? Your toilet needs some updates and needs to restart.We've scheduled a time we think is convenient for you.--JorgeA 1 Link to comment Share on other sites More sharing options...
JorgeA Posted February 12, 2016 Share Posted February 12, 2016 VTECH has found a neat solution to security:http://www.troyhunt.com/2016/02/no-vtech-cannot-simply-absolve-itself.htmlchanging the Limitation of liability in there T&C (Terms and Conditions) to include:YOU ACKNOWLEDGE AND AGREE THAT ANY INFORMATION YOU SEND OR RECEIVE DURING YOUR USE OF THE SITE MAY NOT BE SECURE AND MAY BE INTERCEPTED OR LATER ACQUIRED BY UNAUTHORIZED PARTIES jaclaz Sounds outrageous, but I'm thinking that if (say) Microsoft, Google, and Apple were to adopt this type of clause in their user agreements, it might put the brakes on the whole cloud/IoT trend. --JorgeA Link to comment Share on other sites More sharing options...
DonDamm Posted February 12, 2016 Share Posted February 12, 2016 but, but,.... nobody reads them!!! (and being a nobody, you know I do, yes?) Truly, most of the folks I help can't install a program without messing it up, much less actually read the EULA. That's why there's so much crapware that's entirely legal because the folks clicked "OK". Sigh. :^) Link to comment Share on other sites More sharing options...
jaclaz Posted February 14, 2016 Author Share Posted February 14, 2016 (edited) And (as actually expected) it is now the turn of Samsung (and their "smart" - please do notice the quotes - TV's):http://www.thedailybeast.com/articles/2015/02/05/your-samsung-smarttv-is-spying-on-you-basically.htmlhttp://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs A single sentence buried in a dense “privacy policy” for Samsung’s Internet-connected SmartTV advises users that its nifty voice command feature might capture more than just your request to play the latest episode of Downton Abbey.“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party,” the policy reads. Samsung's official statement is on the same line as other similar statements: "Samsung takes consumer privacy very seriously. In all of our Smart TVs we employ industry-standard security safeguards and practices, including data encryption, to secure consumers’ personal information and prevent unauthorized collection or use," the company said in a statement to The Daily Beast. "Voice recognition, which allows the user to control the TV using voice commands, is a Samsung Smart TV feature, which can be activated or deactivated by the user. The TV owner can also disconnect the TV from the Wi-Fi network.") And the further knowledge that the "third party" is (currently) Nuance:http://www.bbc.com/news/technology-31296188 http://europe.newsweek.com/samsung-updates-smarttv-policy-names-third-party-collecting-voice-commands-305935?rm=eu may help (or it may not), they are seemingly the same guys behind at least part of the Siri experience:https://en.wikipedia.org/wiki/Nuance_Communications jaclaz Edited February 14, 2016 by jaclaz Link to comment Share on other sites More sharing options...
ROTS Posted February 15, 2016 Share Posted February 15, 2016 (edited) All of this for CCTV that you could otherwise port through the connection of a beeper............????/I mean if I wanted a security system, I would just have the regular motion monitor with the motion sensor light. I remember when I was a kid I set off the one in my house. We had red lights and flashing lights blinking with nuclear-reactor sounds....No we are going to use the same system that phones have been using from 1970 something ( UNIX ) and call it a security system with a little help from JAVA. Speaking of JAVA ( which I turned my back on ) it is actually really amazing the things you can do with it, outside of the web. Edited February 15, 2016 by ROTS Link to comment Share on other sites More sharing options...
Tripredacus Posted February 15, 2016 Share Posted February 15, 2016 So far it seems that voice recognition is more generic and not like you see in Star Trek where the computer can tell who is actually speaking. So the ability to remotely order other people's devices is quite possible. This happened when Xbox One launched and during games people would say "xbox shut off" into their mic and other people in their game would suddenly disconnect. Link to comment Share on other sites More sharing options...
jaclaz Posted February 15, 2016 Author Share Posted February 15, 2016 So far it seems that voice recognition is more generic and not like you see in Star Trek where the computer can tell who is actually speaking. So the ability to remotely order other people's devices is quite possible. This happened when Xbox One launched and during games people would say "xbox shut off" into their mic and other people in their game would suddenly disconnect. ... as expected, BTW, JFYI:http://www.msfn.org/board/topic/173316-windows-10-prediction-and-os-ranking/#entry1092785and actually something similar actually already happened:http://www.msfn.org/board/topic/174201-windows-10-first-impressions/page-48#entry1102629 jaclaz Link to comment Share on other sites More sharing options...
JorgeA Posted February 19, 2016 Share Posted February 19, 2016 Not sure if the following fits the subject of this thread exactly, but for lack of a better location, here goes: Vizio's smart TVs are snitches, lawsuit alleges INDIANAPOLIS — An Indiana man is suing TV manufacturer Vizio for collecting data about his viewing habits and selling it to third parties. He also contends that people did not consent to and or know about Vizio’s practices, which are facing several legal challenges in other states. The “defendant’s smart televisions collect personally identifying information … through its Smart Interactivity software, and then disclose this private information to third parties, such as advertisers or data brokers,” according to the class-action lawsuit, filed Thursday in the U.S. District Court here. “What people don’t understand is in this era ... is who has access to your information and what they know about you,” said lawyer Lynn Toops at Cohen & Malad, whose firm is representing Trent Strader of Indianapolis. “Consumers need to understand that if they connect this TV to Internet, Vizio is collecting information and sending it to advertisers.” --JorgeA Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now