"Apps for Popular Smart Home Devices Contain Security Flaws, New Research Finds"
A new study conducted by cybersecurity researchers at Florida Tech found that the smartphone companion applications of 16 popular smart home devices have critical cryptographic flaws. The exploitation of these flaws allows attackers to intercept and modify traffic. The growing use of Internet of Things (IoT) devices such as connected locks, motion sensors, security cameras, and smart speakers has put more people are at risk for cyber intrusions. Through the demonstration of man-in-the-middle (MITM) attacks against 20 devices, the researchers discovered that 16 device vendors failed to implement security measures. According to the researchers, the distributed communications architecture of IoT devices introduces vulnerabilities that attackers could use to intercept and manipulate the communications channel, and impact the user-level perception of an IoT device. They disclosed the vulnerabilities to affected vendors before they released the results of their study. IoT devices found to be vulnerable to MITM attacks include Amazon Echo, Google Home camera, Roku TV, and more. Many of the vendors have started implementing the researchers' recommendations for preventing such attacks. This article continues to discuss the discovery, disclosure, and potential impact of security flaws contained by popular smart home devices.