Google Home’s data leak proves the IoT is still deeply flawed

From Wired Article: Tripwire security researchers found the Google Home and Google Chromecast could leak location data through unauthorised network connections. The IoT’s security issues run much deeper.

The Internet of Things (IoT)security problem isn’t going away. The connected network of billions of devices – from smart doorbells to office printers – is regularly found to have privacy problems and be open to attack by potential hackers.

The latest of these incidents? Google’s artificial intelligence Home speaker and the Chromecast, the firm’s streaming device, have been found to reveal a user’s precise physical location. Revealed by Tripwire security researcher Craig Young, the bug can make a person’s location known to an accuracy of around 10 metres.

Researchers warn SCADA systems are still hopelessly insecure

A presentation at last week’s BSides conference by researchers from INSINIA explained how a device planted on a factory floor can identify and list networks, and trigger controllers to stop processes or production lines.

The talk – Hacking SCADA: How We Attacked a Company and Lost them £1.6M with Only 4 Lines of Code– reviewed 25 years of industrial control kit, going back to the days of proprietary equipment and X21 connections before discussing proof-of-concept attacks.

See The Register Article:

Pwned with ‘4 lines of code’: Researchers warn SCADA systems are still hopelessly insecure