ICT Security-Sécurité PC et Internet

A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb.

The researchers seem to have chosen their target device, the TP-Link Tapo L530E, on the basis that it is “currently [the] best seller on Amazon Italy,” so we don’t know how other smart bulbs stack up, but their report has plenty to teach us anyway.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

 

Das Projekt Connected Home over IP soll zur Entwicklung eines einheitlichen Standards für Hardware im Bereich Smart Home führen. Die Arbeitsgruppe verfolgt einen Open-Source-Ansatz. 
Seit es Smart Home gibt ist der größte Kritikpunkt das Fehlen eines einheitlichen Standards, und in den vergangenen Jahren haben sich immer wieder verschiedene Unternehmen zusammengetan, um genau diesen auf den Weg zu bringen. 

Nun treten wieder mehrere Player an, um einen solchen Standard zu entwickeln - und dieses Mal könnte es tatsächlich zu einem Erfolg werden. Denn mit Amazon, Google, Apple und den verschiedenen Mitgliedern der Zigbee Alliance (unter anderem Samsung) sind die absoluten Schwergewichte der Branche dabei.

Das Projekt Connected Home over IP soll "die Entwicklung und Förderung der Einführung eines neuen, lizenzfreien Verbindungsstandards" vorantreiben, heißt es in einer Pressemeldung von Apple. Für den iPhone-Hersteller könnte dies die letzte Chance sein, doch noch auf dem Smart-Home-Markt Fuß zu fassen, nachdem das eigene Apple Home Kit bislang kaum Relevanz bei Kunden und Herstellern erreichen konnte.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

https://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

 

 

The FBI says owners of IoT (Internet of Things) devices should isolate this equipment on a separate WiFi network, different from the one they're using for their primary devices, such as laptops, desktops, or smartphones.

"Your fridge and your laptop should not be on the same network," the FBI's Portland office said in a weekly tech advice column. "Keep your most private, sensitive data on a separate system from your other IoT devices," it added.

The same advice -- to keep devices on a separate WiFi network or LAN -- has been shared in the past by multiple IT and security experts [1, 2, 3, 4].

The reasoning behind it is simple. By keeping all the IoT equipment on a separate network, any compromise of a "smart" device will not grant an attacker a direct route to a user's primary devices -- where most of their data is stored. Jumping across the two networks would require considerable effort from the attacker.

However, placing primary devices and IoT devices on separate networks might not sound that easy for non-technical users. The simplest way is to use two routers.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

https://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

À l’heure où la sécurité des objets connectés fait toujours débat, l’éditeur de sécurité Bitdefender lance un outil gratuit permettant d’analyser l’intégralité des appareils connectés au réseau domestique. Un outil de prévention et de promotion pour les produits payants de l’éditeur, dont la récente Bitdefender Box.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?&tag=iot

 

Is your smart home too smart for its own good?

A home full of connected devices like front-door locks, motion sensors, thermostats and smoke alarms all talking to a central hub and controllable via an app is the promise of smart home platforms like Samsung SmartThings. But all that interconnectivity of high-value home devices is also, apparently, catnip to hackers, potential malefactors and enterprising researchers.

SEE ALSO: Amazon Echo Dot gives you a voice-controlled smart home for only $90

A new University of Michigan security study entitled Security Analysis of Emerging Smart Home Applications demonstrates how Samsung's SmartThings platform may be especially vulnerable to hackers. Written by Earlence Fernandes, Jaeyeon Jung, and Atul Prakash (Fernandes and Prakash are both from the University of Michigan, while Jung is part of Microsoft Research), the paper is being presented this month at the upcoming IEEE Symposium on Security and Privacy.

The researchers targeted SmartThings because it, like other emerging smart home platforms, allows third-party app development and there are already a large number of apps and devices that work with it.

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars

 

Security researchers are warning that the technology underpinning many smart city deployments is susceptible to a range of cyber-attacks, enabling hackers to sabotage infrastructure in potentially life-threatening raids.

IOActive’s latest research paper covers LoRaWAN, or the Long-Range Wide Area Network protocol which many low-powered IoT devices use to connect to the internet in scenarios such as smart cities, industrial IoT, smart homes, utilities, vehicle tracking and healthcare.

It claimed that the root keys used to encrypt communications between smart devices, gateways and network servers are poorly protected.

Hackers could extract keys by reverse engineering device firmware, grab hard-coded keys that ship with some open source LoRaWAN libraries, compromise vulnerable LoRaWAN network servers, or even guess the keys in some circumstances, the report claimed.

Once encryption keys are in their possession, the black hats could launch denial of service attacks, or replace legitimate with false comms data. This could cause connected infrastructure to break or even explode, putting lives at risk, IOActive claimed..

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

https://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

Sicherheitslücken sind auch bei Hardware keineswegs selten. Unser Ratgeber erläutert, welche Geräte besonders gefährdet sind, wie Sie zu Hause konkrete Schwachstellen aufspüren und wie sich das Eindringen von Schadcode verhindern lässt.

 

Weniger im Bewusstsein dagegen ist die Bedrohung durch unzureichend geschützte Hardware. Dabei sind es meist gar nicht per se die Geräte, die böswillig Schaden anrichten. Vielmehr führen auch hier veraltete Gerätesoftware (Firmware), unzureichend geschützte Zugänge, schwache Passwörter und Ähnliches dazu, dass Schadcode eingeschleust und gegebenenfalls übers Heimnetz verbreitet werden kann. Als Angriffspunkte für Hacker eignen sich besonders die Komponenten, die direkt oder per Netzwerk mit dem Internet verbunden sind.

Dazu ein Beispiel: Ein Fernseher ohne Webzugang stellt keine Gefahr dar. Ist der Fernseher dagegen im Netz, was bereits für die Nutzung der Mediatheken erforderlich ist, ist er potenziell gefährdet. Die möglichen Szenarien reichen vom Unbrauchbarmachen durch einen Erpressungstrojaner bis zum Kapern von Kamera und Mikrofon. Einen solchen „großen Lauschangriff“ im Wohnzimmer wünscht sich wohl niemand. Ist das TV-Gerät zusätzlich ins Heimnetz integriert, droht der übrigen IT-Ausstattung Gefahr. Smarte Fernseher illustrieren die Gefahr besonders gut, weil sie mittlerweile in vielen Haushalten stehen, ohne dabei als „Gefahr“ wahrgenommen zu werden.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

https://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

 

 

Is your HOME watching you? FBI warns smart home devices can be used by hackers to 'do a virtual drive-by of your digital life'
FBI warns hackers using  smart home devices to gather data of our virtual lives
The agency suggests changing default passwords and updating firmware 
It also tells consumers to never have two devices on the same network
Smart home devices include refrigerators, lamps and a digital assistant 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

https://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

Hackers are taking advantage of lax security attitudes around connected devices to hijack them for malicious means, researchers have warned.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

https://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=SHODAN+Search+Engine

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=smart-TV

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things

 

http://globaleducationandsocialmedia.wordpress.com/2014/01/21/why-is-it-a-must-to-have-basics-knowledge-of-cyber-security-in-a-connected-technology-world/

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Cars