10-24-2013 03:24 PM
About three months ago, I wrote about a baby monitor hack that resulted in a truly frightening night for a Texas couple and their toddler, who were terrorized by a man who was able to hack the device and then proceeded to shout expletives through the monitor that was placed next to the sleeping baby.
As it happens, baby monitor hacking is back in the news. According Dan Goodin of ARS Technica, a security researcher by name of Nitesh Dhanjani (ironically the same researcher I mentioned in the original baby monitor hack story who discovered a vulnerability in a popular LED lighting system), has come up with a proof-of-concept attack on a wireless Belkin baby monitor, showing how it can be turned into an 'iPhone/iPad-controlled bugging device'.
"The ease if connecting is no doubt intended to be one of the selling points of the WeMo monitor. But its lack of password authentication can just as easily be viewed as a liability since it exposes users to surreptitious monitoring by baby sitters, former spouses, or anyone else who even once manages to get on the home network. The only way to be sure that the device is locked down is to continually check the monitor's settings panel to ensure no unrecognized devices are connected to it."
Here is the video demonstration from the story:
Dhanjani also found weaknesses in other Belkin products, but company support representatives, much in the same way Phillips had responded to his findings of the lighting system vulnerabilities, said that the baby monitor was 'no more insecure than ayn other computing device, at least when users follow standard security procedures.'
I'd love to hear your thoughts on these potentially-scary vulnerabilities and the companies' responses. You can read the full story by clicking the aforementioned ARS Technica link .
10-24-2013 03:34 PM
Remember this one Yegor it's getting to be a habit nothing is secure anyone. https://community.webroot.com/t5/Security-Industry-News/Baby-Monitor-Hack/m-p/53938#M2113
Webroot® SecureAnywhere™ Internet Security Complete Beta Tester v220.127.116.11 on my main system Alienware 17R2 with Windows 10 Professional x64 Version 1703 (Build 15063.413) & Motorola Moto Z Android 7.0 Nougat with WSA Mobile Complete Beta v18.104.22.16860 which is full Cloud now as well! I also test new Windows Insider 32bit & 64bit builds on Virtual Machines.
Microsoft® Windows Insider MVP - Windows Security
10-24-2013 06:57 PM
The newer devices certainly are making the news, and they are 'hackable' over a much longer distance than the old fashoned ones, but the old ones were plenty insecure as well. Any plain scanner can pick up the signals from the old non-connected ones. In fact, my plain cheap scanner picks up our old model monitor that we used with our little ones a LOT better than the actual receiver. Maybe someone around the world can't pick it up but I promise your neighbors across the street could have
New to the Community? Register now and start posting!
Helpful Webroot Links: