This is why I like boarderless security, and did even before all these smart devices came around. Every device should be responsible for its own security. It meant your laptop is still protected when you’re on some random wifi network. Networks shouldn’t be built like eggs; hard on the outside, soft on the inside.
It does take more technical skill to setup, though.
Or they could just dime out the heat/AC and give you a huge energy bill. Or kill the furnace in the winter, while you’re on vacation, and let your pipes burst.
Nobody is doing that. A hacker doesn’t cause chaos just for the fun of it. They have nothing to gain by playing with your thermostat when they can spend less man-power exploiting corporations for money and data.
The downside, though, is that installing the ransomware, currently, requires the hackers to either have physical access to the thermostat or trick the victim into loading malicious files on the device on his own.
And if a hacker is in your home, they’re not a hacker. They’re just a burglar.
Realistically speaking who targets an individual house in the hopes of accessing something important and usable when companies lose millions of customer financial and personal information basically every month?
To do what though? People are worried about their internal network being compromised, but the average person has basically nothing worth stealing on their home network given the insane amount of work it takes to compromise it.
The fears of your internal home network being compromised are way overblown.
It’s not just damage to your home network, it’s using that as part of botnets do do other crime. And it’s collecting data on you for sleazy purposes, that then gets leaked (sometimes) to those who want to use it for crime.
the insane amount of work it takes to compromise it.
Really?
The great thing about software is once you develop an insane trick to get into one child’s internet-connected doll (oh yes, there’s that too) you can roll it out to try ten million dolls across the world.
A main example that comes to mind is nanny cam or iot security cam ransoms for example. They don’t target specific individuals at first, they exploit a mass vulnerability, gather sensitive footage then blackmail. Another example, while not directly affecting IoT users’ lives was the Mirai botnet attack.
This implies looking at hundreds of thousands of nanny cams, for probably lots of hours before you end up with any footage thts worthy of ‘blackmail’. And I’d bet many homes would literally never have anything blackmail worthy even happen on camera. Oh no, they saw me naked!?! What am I going to do if my coworkers found out I walk around naked in my own home. I’d just tell them to take a hike and release my naked footage if they really wanted to.
The issue is that the thermostat can be used as a jump box into your network.
That’s when/where all the nefarious things happen.
This is why I like boarderless security, and did even before all these smart devices came around. Every device should be responsible for its own security. It meant your laptop is still protected when you’re on some random wifi network. Networks shouldn’t be built like eggs; hard on the outside, soft on the inside.
It does take more technical skill to setup, though.
Or they could just dime out the heat/AC and give you a huge energy bill. Or kill the furnace in the winter, while you’re on vacation, and let your pipes burst.
Nobody is doing that. A hacker doesn’t cause chaos just for the fun of it. They have nothing to gain by playing with your thermostat when they can spend less man-power exploiting corporations for money and data.
Really? Ok, that could be a one-off: here’s a more concrete example.
Yeah, but:
And if a hacker is in your home, they’re not a hacker. They’re just a burglar.
Realistically speaking who targets an individual house in the hopes of accessing something important and usable when companies lose millions of customer financial and personal information basically every month?
Nobody attacks an individual house, people exploit vulnerabilities en masse.
To do what though? People are worried about their internal network being compromised, but the average person has basically nothing worth stealing on their home network given the insane amount of work it takes to compromise it.
The fears of your internal home network being compromised are way overblown.
It’s not just damage to your home network, it’s using that as part of botnets do do other crime. And it’s collecting data on you for sleazy purposes, that then gets leaked (sometimes) to those who want to use it for crime.
Really?
The great thing about software is once you develop an insane trick to get into one child’s internet-connected doll (oh yes, there’s that too) you can roll it out to try ten million dolls across the world.
A main example that comes to mind is nanny cam or iot security cam ransoms for example. They don’t target specific individuals at first, they exploit a mass vulnerability, gather sensitive footage then blackmail. Another example, while not directly affecting IoT users’ lives was the Mirai botnet attack.
This implies looking at hundreds of thousands of nanny cams, for probably lots of hours before you end up with any footage thts worthy of ‘blackmail’. And I’d bet many homes would literally never have anything blackmail worthy even happen on camera. Oh no, they saw me naked!?! What am I going to do if my coworkers found out I walk around naked in my own home. I’d just tell them to take a hike and release my naked footage if they really wanted to.