Skip to main content

How to stop hackers from rickrolling your smart speaker

[ad_1]


The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds. The vulnerability, identified by security firm Trend Micro in a new case study, exposes user data like device names and email addresses associated with streaming-music services—just enough info to allow for targeted earworm attacks. Disturbingly, the researchers needed only basic Internet-scanning tools to ID target-able devices.



The culprit: Crappy home-network security habits.



While the Trend Micro team found that some 500 Bose SoundTouch speakers and up to 5,000 Sonos Play:1 and Sonos One systems were exposed to remote hijacking, the exposure could stretch well beyond the specific devices they scrutinized.



For the moment, the implications of this vulnerability scarcely go beyond a funny prank, but the research should serve an important reminder to be vigilant about home network security. “It changes very quickly,” says Mark Nunnikhoven, a research director at Trend Micro, “it turns on a dime, and all of the sudden it’s not funny anymore.” The report, he continues, shines a light on significant security issues we should all keep in mind as we use more and more smart technologies in our homes.



It’s almost 2018, and we’re still reminding ourselves about the basics of securing our devices. Please, resolve to do these three things.


Don’t ignore firmware updates



We get it, software updates are annoying. They clog up your notifications and put the brakes on your uncontrollable, momentary urge to blast “Despacito” at full volume. But, more and more often, those patches contain vital security updates. “Software does have mistakes, and it needs to be regularly maintained,” says Nunnikhoven, “The small pain of updating those things will have real impact downstream.”



In this case, Trend Micro did Sonos and Bose the kindness of alerting them of their security gaps before trumpeting news of the vulnerability across the Web. That heads up gave the speaker-makers the chance to plug holes before pranksters could blast buddies with a New York Rickrollin’ Eve party mix. Sonos has subsequently pushed out an update that masked user information—the names of connected smartphones and synced streaming accounts, such as Spotify—that had been previously exposed.


Limit network chatter



It’s a simple enough concept. The more devices, hard drives, computers, and dog bowls you connect to your Wi-Fi network, the more you have to pay attention to the security settings and network access granted to each individual device. “Every device you add is a another potential attack point,” says Nunnikhoven.



Advanced users, he continues, can connect too much for their own good, allowing outside devices to remote into hard drives or servers on the network. For instance, gamers set up their own Minecraft or other servers and let other players access them. “There’s no reason to allow anything from the outside to initiate a connection into my home,” Nunnikhoven says. The only inbound network traffic, he explains, should be a direct response to a request to load a Website or song or video from a device on the network—say, a laptop or set-top box.



Right out of the box, most routers are setup to block any inbound requests. But anyone with a little know-how (ya know, just enough to not know better), can dig into the settings and change that.



If you’re dead-set on sharing files, opt instead for a free or low-cost cloud service like Dropbox or Google Drive. “What hope do you have of running your own Dropbox and running it securely?” jokes Nunnikhoven.



Use a guest network



Thanks to bundled modem-and-router packages from ISPs, we collectively have better Wi-Fi network hygiene than in the past. The setups come with passwords already in place (though we should be better about resetting them, if we’re honest).



Still, giving out our network password “left, right, and center” is a habit we’d all do well to break, advises Nunnikhoven. Handing over the keys gives guests access to every object on the network—bulbs, speakers, thermostats, and so on.



Most, if not all, new routers allow you to set up a secondary guest network. This walls off Jenny-come-latelys, giving access to an Internet connection without compromising your printers and smart washing machines. Plus, if you spot someone on the guest network who shouldn’t be there, cycling over to a new password won’t send your entire connected household into disarray.




[ad_2]

Written By Corinne Iozzio

Comments

Post a Comment

Popular posts from this blog

Ice technicians are the secret stars of the Winter Olympics

[ad_1] The emphasis of this year's two-week-long Winter Olympic Games has been placed squarely on the Olympians themselves. After all, the stated purpose of the international competition is to bring together the world’s greatest athletes in a nail-biting competition across fifteen different winter sports. But before the curlers, skiers, and skaters even arrived in Pyeongchang, South Korea, the Olympians of the ice technician world were already a few weeks deep in a competition of their own. Mark Callan of the World Curling Federation and Markus Aschauer of the International Bobsleigh and Skeleton Federation both say they’re hoping to make the best ice the Winter Olympics have ever seen. To transform the barren concrete jungle of existing tracks and arenas into an ice- and snow-covered wonderland is an enormous undertaking. And it takes a keen understanding of the physics and chemistry that keeps frozen precipitation pristine. Curling Callan has been making and maintaining ic...
Post a Comment
Read more

How to avoid the mid-movie bathroom break

[ad_1] Long movies and the urge to pee have been linked since the early days of cinema. Sixty-three years before Avengers: Endgame and its three-hour runtime, moviegoers settled in for nearly four hours of The Ten Commandments . “There will be an intermission,” director Cecil B. DeMille announced during the movie’s introduction. And audiences’ bladders were relieved. On average, movies aren’t getting longer, but they also don’t come with a predetermined bathroom break. That means when nature calls, you’ve got to either sit in growing discomfort or gamble on the best time to run to the restroom. But it doesn’t have to be this way, and for most people, setting your body to “do not disturb” is fairly simple. Go before the show The first piece of advice is also the easiest: pee before the movie starts. Generally, healthy adults urinate every 3-4 hours, so the longer a movie runs, the more urgent it becomes to reset your internal p...
Post a Comment
Read more

Charted: Here's how much your food waste hurts the environment

[ad_1] Our species is pretty good at wasting food. Some we discard at the farm for being undersized or oddly shaped. Others we allow to decay in their shipping containers, thrown away before they even reach shelves. We leave even more foodstuffs wasting away in grocery stores, often by letting it sit there until it reaches its sell-by date. As consumers, we don’t have much control over most of the process that brings our food to the grocery store, but we do have control over how much food we personally waste. Let's face it: We’ve all found liquified lettuce in our veggie drawers. Don't fret. It's arguably impossible to consume 100 percent of the food we buy. But a healthy reminder of the effect food waste has on the environment might help us all to be more conscious of the amount of food we eat—and don't eat. Consumer food waste varies extensively depending on the area. In South and Southeast Asia, the Food and Agriculture Organization (FAO) estimates that only around ...
Post a Comment
Read more