Other

Here’s How Someone Might Steal Your WiFi Password from Your Tea Kettle


Your tea kettle is a lot more dangerous than it looks

If you feel the need to connect your tea kettle to your WiFi, you might be putting your home at risk.

A digital security expert in London has been able to create a map of all the “insecure” iKettles across the city and hack them, just to prove that homeowners’ WiFi passwords can be easily leaked.

Using the iKettle, which uses a smartphone to start boiling water for tea, Ken Munro of Pen Test Partners was able to use “some social engineering data, a directional antenna, and some networking gear” to learn the WiFi passwords of a number of homes, according to The Register.

“If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle,” Munro told The Register. “Attackers will need to setup a malicious network with the same SSID but with a stronger signal that the iKettle connects to before sending a disassociation packet that will cause the device to drop its wireless link. So I can sit outside of your place with a directional antenna, point it at your house, knock your kettle [off] your access point, it connects to me, I send two commands and it discloses your wireless key in plain text.”

Pen Test Partners was also behind the Gmail credential hack from earlier this year, which provided that it was possible to access an individual’s Gmail login information through one of Samsung’s smart refrigerators.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.


Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials

Have we mentioned lately that when it comes to the so-called "internet of things," security is an afterthought? Whether it's your automobile, your refrigerator or your tea kettle, so-called "smart" internet of things devices are consistently and alarmingly showing that they're anything but. If these devices aren't busy giving intruders access to your networks and passwords, they're often making life more difficult than so-called dumb devices. Last week, for example, the popular Nest smart thermostat simply stopped working after a software update, resulting in thousands of customers being unable to heat their homes.

Now yet another security problem has been revealed in The Ring smart video doorbell, which lets you see who's at your front door via a smartphone app. According to a blog post by Pen Test partners, all an intruder needs to do is to remove two screws, press a big orange reset button, and they're able to access the configuration URL for the entire system, which can be chained with other devices including door locks and home security cameras:

In short, your smart doorbell could potentially make you immeasurably less secure, without any visible signs of tampering to the outside unit. This is, the researchers have warned in a previous post, similar to a vulnerability common in a popular smart bathroom scale, which can be easily tricked into sharing a user's WPA-PSK. Fortunately the company behind the smart doorbell tells the research firm that they quickly issued a firmware patch for the problem, though obviously not all vulnerabilities get fixed this quickly, and it's one more example of "smart" technology being a great advertisement for more traditional, dumb devices.

And despite notable experience with security issues, broadband ISPs that have been eager to jump into the smart home arena aren't having much more luck. A flaw was recently exposed in Comcast's Xfinity home security and automation service, allowing a hacker to trick the system into reporting an "all clear" state by jamming the 2.4 GHz radio used by the service. The security service would then report that everything was fine for up to three hours, and once communication was re-established with the service base station, the system never informed the user there was a problem. So smart!

And the end of the day, if you're interested in a smarter, more secure home, you may want to consider a dog.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites &mdash especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise &mdash and every little bit helps. Thank you.