Get started Bring yourself up to speed with our introductory content.

Cloud connectivity and closed source: The Achilles heel of home IoT

We all know that the internet of things is finding its way into more and more of our daily lives. Few cars manufactured today aren’t pre-loaded with dozens of microcomputers and sensors, controlling everything from entertainment systems to exhaust emissions, for example. But the place where the technology is likely to have the biggest impact on us, up close and personal, is at home. Embedded computing has the potential to keep us entertained, productive and secure at home. But as recent research into the Samsung SmartThings platform has shown us, IoT providers are still making mistakes in the design of their products which could have serious repercussions.

It’s time these firms started thinking more clearly about security. And in the smart home, this means looking for alternatives to cloud-based systems controlled through mobile applications. It’s easy to see why the manufacturers like this model. But it’s time to address these serious security concerns and work towards open, interoperable standards.

SmartThings on trial

Researchers at the University of Michigan and Microsoft claim their report, Security Analysis of Emerging Smart Home Applications, is the first “in-depth empirical security analysis” of a smart home platform. They were able to create four proof-of-concept attacks that could theoretically have a serious impact on the safety of those inside these smart homes.

In the first proof-of-concept, they found code in one app built on the platform which allowed them to exploit an open redirect flaw in the SmartThings web server. Doing so allowed them to remotely add a new four-digit PIN to a smart door lock system unbeknown to the user. Such an attack could be targeted at large numbers of SmartThings users via a simple malicious URL, allowing hackers to effectively put secret backdoor codes into smart home locks all over the world.

The other three proof-of-concepts are based around design flaws in the platform whereby certain apps are granted more privileges than they need. This means that if an attacker could disguise Malware in a legitimate-looking app such as a battery monitor in the SmartThings store, he could take advantage of such a flaw to access capabilities which should be out of reach. In this way, researchers managed to disable a “vacation mode” SmartApp — designed to turn the lights in a house on and off periodically — set off a fake fire alarm, and even steal a door lock PIN and leak it via SMS. In total, 55% of the hundreds of apps studied were over-privileged thanks to coarse-grained capabilities and 42% were able to gain access to operations they didn’t ask for.

Leaving the door open

There are several takeaways from this research which throw a worrying light on the security posture of our smart homes. The first is that the kind of security-by-obscurity seen time and again in proprietary systems simply doesn’t work. SmartThings is a “closed-source” platform, and apps execute only in a proprietary platform. Yet the researchers were able to use a combination of home-built static analysis tools, runtime testing and manual analysis on a dataset of 499 SmartApps and 132 device handlers to find these flaws. And if the white hats can do this, you can bet the black hats can.

Open source systems are clearly the answer — not least because the greater manpower devoted to software development and a system of continuous code review will eliminate far more potential security vulnerabilities. And when flaws are found, they will be fixed more quickly.

But even more importantly, the IoT industry needs to look at a different model for connectivity in the smart home. Why are these hardware devices controlled by a mobile app, often developed by third parties over which the platform provider has limited visibility? And why are these apps connected to a centralized cloud server? Cloud connectivity is the Achilles heel of the smart home. It allows hackers to remotely attack vulnerabilities in such systems with the potential outcomes you’ve seen above.

The home is the center of our lives. It’s where we eat, sleep and raise our children. We wouldn’t leave the door wide open so anyone could just walk in. But that’s what we could be doing with connected devices.

A new approach

It’s understandable that manufacturers of these platforms have adopted this strategy. After all, their business model relies on selling cloud-based services rather than hardware. But the security risks are great. And there are privacy issues at stake here, too, around how much user data is being sent up to the cloud from these devices, every minute of every day.

To lock down this avenue of risk, consumers need to demand:

  1. IoT systems which don’t rely on the cloud as a middle man. It’s unnecessary for many of these devices to be always connected to the cloud anyway. We need a new architecture designed around a local, secure hub.
  2. Open, interoperable standards. As I’ve discussed, proprietary approaches to development never produce the most secure end product. And they don’t tend to inspire real technology innovation. When it comes to network connectivity in particular, it’s more important than ever to work towards globally accepted standards. TCP/IP is among the most complex protocols around — meaning many developers leave security gaps through inexperience when designing in connectivity. Open and interoperable standards to follow would largely solve this problem.Another benefit of following open standards is consumer choice. Recently, smart home vendor Nest announced it is no longer supporting the Revolv smart hub. But because Revolv depends on Nest’s cloud-based service, this left many users of the hub with an essentially useless device. Open standards mean users aren’t locked into a particular provider. It gives them more control over how they use their devices.

The internet of things is already here. Now we must fight harder to ensure that it moves in a direction of greater security, built on openness and interoperability.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.