There’s no denying that smart homes are the way of the future. Wireless sound systems, remote light control, automatic blinds, and more will soon be everywhere. But does a smart home mean a safe home? Instead of just worrying about physical intruders, smart home owners may need to be worrying about technological intruders, as more researchers are finding flaws in the system and voicing their concern about the safety of smart homes.
Just like any other technology, there is a risk that hackers could gain access to a smart home. In fact, researchers have already shown that hackers can completely take over Belkin WeMo smart phone devices, and another security firm was able to hack into all 16 smart home devices it tested, some in as quickly as 20 minutes. Not even the largest smart home companies are immune to hacking dangers, as shown in the following two examples.
A major security flaw was discovered with Apple-connected smart home products, which soon went viral. The issue was brought to the attention of the public by a man named Marcus, who spent thousands of dollars outfitting his home with what he viewed as safe equipment, all of which was labeled as “Works with Apple HomeKit,” meaning it was compatible with Apple’s virtual assistant, Siri and followed Apple’s strict requirements for third-party devices. Marcus had gadgets that could automate much of his house, including unlocking the front door and turning the lights on and off. To control everything, Marcus stationed an iPad in the living room as the central device, which meant he could say “Hey Siri” followed by a command to control his smart gadgets with just his voice from anywhere in the house.
Things were working well for Marcus until his friend and neighbor discovered a dangerous flaw. After asking to borrow something, Marcus’ neighbor said he would just let himself in the house. The neighbor stood on Marcus’ front porch and said “Hey Siri, open the front door,” which activated Siri’s voice control and opened the door. Marcus was shocked essentially anyone could say a command from outside the house and gain entry to the physical house or control of the devices.
Apple’s suggestion was to add a passcode to the iPad, which would require Marcus or anyone else to enter a code after issuing a voice command. But doing so, Marcus argued, defeated the point of the system. Instead, he removed the smart lock from his front door, making his home safer but not quite as tech-savvy.
Marcus’ problem could happen with any smart lock using HomeKit because of Siri’s voice control capabilities. However, Apple has started buckling down on the security of internet-connected devices, which could help alleviate these safety issues in the future.
In one of the first platform-wide studies of a real smart home system, the hackers definitely came out on top. Cybersecurity researchers from the University of Michigan were able to easily hack into Samsung’s SmartThings, a leading smart home system in four different attacks. The most disconcerting could be the “lock-pick” malware app that essentially gave the hackers the PIN number to the home’s front door. Using a SmartApp from the Samsung system, hackers were able to eavesdrop on someone setting a new PIN for their front door and then text the number to a potential hacker, who could use it to unlock the door undetected.
The results of the exercise unsurprisingly caused concern for researchers who found the security measures to be much more lack than they imagined.
“One way to think about it is if you’d hand over control of the connected devices in your home to someone you don’t trust and then imagine the worst they could do with that and consider whether you’re okay with someone having that level of control,” said study lead Earlence Fernandes.
The same team of researchers also found that a variety of SmartApps could be hacked to turn of vacation mode, set off the fire alarm, and set an additional PIN for the front door. They claim SmartApps provided a small hole for usability that could easily be turned into a larger problem, such as someone coming to change the light bulb who gets access to everything in your home.
At this point, most experts agree that smart home devices are great for simple acts like closing doors, lowering blinds, watering plants, etc., but that they shouldn’t be used to lock doors or control other major safety areas until the hacking issues are resolved.
However, despite the safety issues, consumers continue to purchase smart locks in hopes of taking their homes to the next tech level. Hopefully they will be safe while they do so.