Monitor and secure your home IoT appliances

En Guarde!

Article from Issue 271/2023

Many IoT devices are so poorly protected against attacks that it is easy for an intruder to slip inside. With the right tools and best practices, you can bar the door.

The "S" in IoT stands for security – as a common saying goes. The recent history of IoT development is paved with absurd examples of security falling by the wayside. One oft-reported tale tells of a Bluetooth-controllable water closet with the pairing code 0000 that could not be changed. Another example is the smart breast pump that unexpectedly turned innocent mothers into botnet operators. But all the horror stories have not diminished the success of IoT. The army of smart helpers in households is growing all the time. Smart lights, smart thermostats, smart ovens, smart sockets, smart coffee machines …

As always: New technology brings the potential for misuse. In the context of IoT, many users do not understand the threat scenario posed by potentially problematic devices. For instance, what would an attacker gain from taking control of a smart washing machine? But things are different if you look at smart blinds and, above all, smart lighting control. Anyone who gains access to your Philips Hue configuration (Figure 1) can see when you are at home and, more ominously, when you are not. This information is a wonderful tool for planning break-ins. Insecure thermostats on radiators can also become a problem; imagine if a mischievous teenager or angry neighbor could turn your apartment into a sauna. If they do this in a clever way and then change the access credentials for the thermostat control center, your heating will keep running at full blast without you being able to do anything about it.

As is so often the case in the IT context, it is better to be safe than sorry when it comes to IoT. Anyone operating IoT devices at home will want to consider a few factors to boost security. What should you look out for when purchasing IoT devices? What software is available to fend off attacks? What tools will help you be aware that something is going wrong?


Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Network Scanner OpenVAS 2.0 Enters Beta

    Beta test of the Open Vulnerability Assessment System (OpenVAS) is targeted at experienced users and developers of security solutions.

  • OpenVAS

    The more IT infrastructure complexity increases, the more indispensable vulnerability scanners become. If you are not interested in retaining the consulting services of a professional hacker, you might want to entrust the task of detecting vulnerabilities to a specialized software tool, such as OpenVAS.

  • OpenVAS

    If you prefer to travel light and free, try OpenVAS, a GPLed fork of the Nessus scanning tool.

  • Building a Rasp Pi IDS

    An intrusion detection system was once considered too complicated and too expensive for a home network, but nowadays you can use a Raspberry Pi and the Suricata IDS for real-time notice of an incoming attack.

  • Suricata

    Snort isn't the only free intrusion detection tool in the barnyard. We'll show you a powerful and promising alternative known as Suricata.

comments powered by Disqus