Would YOU lock your door with an app? Wave of smart home tech raises hacker fears

Among the many new gadgets showcased at the 2014 Consumer Electronics Show in Las Vegas is the Goji, a door lock that can be activated using your smartphone

This Christmas, sales of ‘smart home’ gadgets rose by 50% in Britain, according to High Street electronics chain Maplin - app-controlled lights, heating and even curtains.

When Google purchased Nest this week - a company whose signature product is a ‘connected’ thermostat - for $3.2 billion,  over three times what Facebook paid for Instagram, it was clear the ‘smart home’ had arrived.

At Las Vegas’s Consumer Electronics Show, the ‘smart home’ was everywhere - with app-controlled washing machines, heating systems, curtains, and even a lock, the Goji, which has no key.

Instead, an app opens your door - with a code key taking the place of a metal key. Most of these gadgets simply link to your Wi-Fi network, and most are cheap and aimed at families.

                                    [Five great free travel apps to plan summer hols]

But with organised cybercriminal gangs earning billions from heists over the past year, is this a technology we should welcome?

On CES’s show floor, the answer seemed to be that families should welcome ‘smart homes’ - and the ‘internet of things’ with open arms.

Belkin, Zonoff and other companies showed off entire homes controlled by app - far cheaper than previous wired systems, and working simply over Wi-Fi, controlled by app.

Mike Harris, Zonoff’s CEO,  said,“Other companies have traditionally depended upon a dedicated home automation controller box. Consumers can use their existing WiFi network to add any home automation device in any location.”

Symantec’s Security CTO, Greg Day, said earlier this year, “From our perspective, the most interesting phase of this new development could also be the most challenging, as devices and software are created which ignore or de-proritise security features in the drive to get products to market.”

“We've seen this lack of attention to security in the past, together with resulting weaknesses in the technological fabric which are open to exploitation by cybercriminals.”

The problem is that PC security - and security on devices such as iPhones - is a known field - and new gadgets, such as lighting systems, are not.

This is not idle speculation, either - several hackers, and researchers have already shown how ‘smart homes’ can be hacked, either from nearby via Wi-Fi, or from thousands of miles away.

One researcher showed how he could ‘haunt’ a home hundreds of miles away by hacking into the website for their ‘smart’ lighting system - and last year, one shocking case saw a baby monitor company penalised in the US for a security system so weak that a hacker was able to spy on and insult a baby via the camera, from far away.

The faulty software allowed anyone with the right internet address to freely access the “feed” from Trendnet cameras - and has prompted an investigation by America’s Federal Trade Commission into the safety of “connected” devices.

 Marc Gilbert, of San Antonio, said that he saw the baby monitor move and heard a voice say, “Wake up, you little [expletive]”

Overall, 700 of the gadgets were accessed - allowing hackers the chance to ‘sell on’ video feeds to those interested in young children.

The incident prompted a review of these new ‘connected’ devices by America’s Federal Trade Commission.

The FTC said in a statement, “This is the agency’s first action against a marketer of an everyday product with interconnectivity to the Internet and other mobile devices – commonly referred to as the “Internet of Things”.

“The Internet of Things holds great promise for innovative consumer products and services.  But consumer privacy and security must remain a priority as companies develop more devices that connect to the Internet.”

In Europe, there is already controversy over the devices - with the EU concerned that electricity monitors could lead to comppanies accessing private data on families, without their knowledge.

Many of the systems shown off this year used apps as the controller - but the family television as a ‘hub’, where a big display could allow control over lighting, heating and music through the whole home.

But while PCs are often the main target of hackers, they are watched intensely by their makers, by Microsoft, by security companies such as Norton by Symantec, who need to react instantly to new threats.

Many hacks rely on hackers being able to access home networks, so a good first step to keeping your family safe is to buy “all in” security software such as Norton 360 Multi Device, which offers protection on devices such as PCs, iPads and Androids throughout the home.

But with Wi-Fi routers often far from secure - major brands such as D-Link and Linksys have been shown to have ‘backdoors’ which can allow snoopers in - ‘smart’ gadgets can be anything but.

Televisions, each with their own brand of software, are rather different - and sets from major manufacturers have already been shown to have weaknesses.

After a researcher showed off a hack which allowed him to ‘look through’ Samsung television webcams, the company advised users to cover theirs up, if they were concerned.

The hack, shown off at the Las Vegas security conference Black Hat, showed that “Smart TVs” - could be hacked, and was shown off by researcher SeungJin Lee, allowing attackers to “watch” families through webcams, and working even if the victims try to turn the set off.

More than 80 million Smart TVs sold around the world in 2012, Lee says - but, “we hardly see security research on Smart TVs.”

[How I got 6 million followers on YouTube and made it my full-time job]

There are 200,000 “home automation systems” in UK homes, allowing people to unlock their front door with a touch of a button - but researchers warn that it’s all too easy for hackers to do the same by breaking into a home network. 

Earlier this year, researcher Nitesh Dhanjani demonstrated an attack on a popular “connected” lighting system sold in Apple Store, the Philips Hue, which could be hacked to cause a “perpetual blackout” in the homes of users.

“By 2022, the average household with two teenage children will own roughly 50 such Internet connected devices, according to estimates by the Organization for Economic Co-Operation and Development,”

Dhanjani said “Our society is starting to increasingly depend upon IoT devices to promote automation and increase our well being. As such, it is important that we begin a dialogue on how we can securely enable the upcoming technology.”

At the hacker conference DefCon last year, ‘smart’ door locks were dismissed as insecure - saying they simply ‘let hackers in.’

Goji, though, is confident that its 'smart lock' is secure - costing more than £100, it has a camera which automatically takes a picture of anyone entering the home, and sends it to the owner, storing it online. It also adds an extra 'layer' of security no metal key can offer - if you 'lend' access to someone, say a painter or babysitter, you can revoke it later, whereas with a metal key, homeowners could face having the key copied, and used to break in later. Perhaps, after all, 'smart homes' might be a little more secure than we think...

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting