Technology How to stop hackers from rickrolling your smart speaker

22:02  29 december  2017
22:02  29 december  2017 Source:   Popular Science

'Smart' Doorbell Alerts Of Fire, Couple Says

  'Smart' Doorbell Alerts Of Fire, Couple Says A couple was alerted to a fire by a 'smart' doorbell, which allowed them to escape.A couple who was sleeping in their Corona, California, home claimed they were alerted to a fire thanks to a "smart" doorbell, KABC, an ABC affiliate reported Monday.

Vulnerabilities in smart speakers from Sonos and Bose expose three bad Wi-Fi habits well-worth breaking. The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds.

And the audio- hacker haunting Trend Micro warns about may have already actually happened in the wild. The company's researchers point to one posting from a customer on a Sonos forum who reported earlier this year that her speaker had "It's starting to freak me out and I don't know how to stop it."

a shelf with many different items on display: Sonos One © Courtesy Sonos Sonos One

The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds. The vulnerability, identified by security firm Trend Micro in a new case study, exposes user data like device names and email addresses associated with streaming-music services—just enough info to allow for targeted earworm attacks. Disturbingly, the researchers needed only basic Internet-scanning tools to ID target-able devices.

The culprit: Crappy home-network security habits.

While the Trend Micro team found that some 500 Bose SoundTouch speakers and up to 5,000 Sonos Play:1 and Sonos One systems were exposed to remote hijacking, the exposure could stretch well beyond the specific devices they scrutinized.

A Cute Toy Just Brought a Hacker Into Your Home

  A Cute Toy Just Brought a Hacker Into Your Home Amid the holiday shopping season, cybersecurity researchers warn that new, interactive toys are vulnerable to many hacking threats.SAN FRANCISCO — My Friend Cayla, a doll with nearly waist-length golden hair that talks and responds to children’s questions, was designed to bring delight to households. But there’s something else that Cayla might bring into homes as well: hackers and identity thieves.

How to Turn an Old Smartphone Into a Home Security Camera. How to Set Up Your New Laptop in the Quickest Time Possible. David Nield. Today 8:00am.

For the moment, the implications of this vulnerability scarcely go beyond a funny prank, but the research should serve an important reminder to be vigilant about home network security. “It changes very quickly,” says Mark Nunnikhoven, a research director at Trend Micro, “it turns on a dime, and all of the sudden it’s not funny anymore.” The report, he continues, shines a light on significant security issues we should all keep in mind as we use more and more smart technologies in our homes.

It’s almost 2018, and we’re still reminding ourselves about the basics of securing our devices. Please, resolve to do these three things.

Don’t ignore firmware updates

We get it, software updates are annoying. They clog up your notifications and put the brakes on your uncontrollable, momentary urge to blast “Despacito” at full volume. But, more and more often, those patches contain vital security updates. “Software does have mistakes, and it needs to be regularly maintained,” says Nunnikhoven, “The small pain of updating those things will have real impact downstream.”

Pelosi urges Ryan not to let House Russia probe shut down

  Pelosi urges Ryan not to let House Russia probe shut down House Minority Leader Nancy Pelosi sent a letter Thursday to House Speaker Paul Ryan urging him not to allow the House Russia investigation to be shut down. Pelosi's letter says Democrats are "deeply concerned by the Majority's efforts to curtail the House Intelligence Committee investigation and its overall failure to address Russia's meddling in the 2016 election." "Nothing less than America's democracy and national security are at stake, and therefore we must fully investigate Russia's assault on our election systems to prevent future foreign attacks," the California Democrat wrote.

Other DIY hackers have been setting up Pi-based Echos with screens, like the Echo Show, and it’s really up to you what you use as a display. Of course, these alternative smart speaker setups aren’t for everyone—the experience isn’t quite as seamless, and you can pick up an Echo Dot pretty

Public Wi-Fi security: how hackers steal your data. Most public connections are either unsecured or have shared passwords. The hacker would only see sensitive information from one or two people before they needed to hack another house.

In this case, Trend Micro did Sonos and Bose the kindness of alerting them of their security gaps before trumpeting news of the vulnerability across the Web. That heads up gave the speaker-makers the chance to plug holes before pranksters could blast buddies with a New York Rickrollin’ Eve party mix. Sonos has subsequently pushed out an update that masked user information—the names of connected smartphones and synced streaming accounts, such as Spotify—that had been previously exposed.

Limit network chatter

It’s a simple enough concept. The more devices, hard drives, computers, and dog bowls you connect to your Wi-Fi network, the more you have to pay attention to the security settings and network access granted to each individual device. “Every device you add is a another potential attack point,” says Nunnikhoven.

Advanced users, he continues, can connect too much for their own good, allowing outside devices to remote into hard drives or servers on the network. For instance, gamers set up their own Minecraft or other servers and let other players access them. “There’s no reason to allow anything from the outside to initiate a connection into my home,” Nunnikhoven says. The only inbound network traffic, he explains, should be a direct response to a request to load a Website or song or video from a device on the network—say, a laptop or set-top box.

Samsung is making a neck speaker that might not annoy everyone else

  Samsung is making a neck speaker that might not annoy everyone else A bunch ofoddstuff comes out of Samsung’s C-Lab incubator each year, and today Samsung is unveiling a handful of its latest projects. The highlight is a product line called S-Ray, short for Sound-Ray, that’s composed of three different speakers that are supposed to act almost like headphones — playing music so that only a single person can hear it.It’s hard to imagine how effectively this will work, but it’s a neat idea. Samsung wants people to be able to listen to music or watch videos while still being able to hear the world around them and without having to wear something on their head.

Where possible, use smart cards and other advanced methods. How can I effectively stop a hacker from hacking my computer?

blog '' is not exists. Breakthrough Marketing Plans: How to Stop Wasting Time and Start Driving

Right out of the box, most routers are setup to block any inbound requests. But anyone with a little know-how (ya know, just enough to not know better), can dig into the settings and change that.

If you’re dead-set on sharing files, opt instead for a free or low-cost cloud service like Dropbox or Google Drive. “What hope do you have of running your own Dropbox and running it securely?” jokes Nunnikhoven.

Use a guest network

Thanks to bundled modem-and-router packages from ISPs, we collectively have better Wi-Fi network hygiene than in the past. The setups come with passwords already in place (though we should be better about resetting them, if we’re honest).

Still, giving out our network password “left, right, and center” is a habit we’d all do well to break, advises Nunnikhoven. Handing over the keys gives guests access to every object on the network—bulbs, speakers, thermostats, and so on.

Most, if not all, new routers allow you to set up a secondary guest network. This walls off Jenny-come-latelys, giving access to an Internet connection without compromising your printers and smart washing machines. Plus, if you spot someone on the guest network who shouldn’t be there, cycling over to a new password won’t send your entire connected household into disarray.

Here's everything LG announced at CES .
The electronics giant unveiled some tweaks to its OLED TVs, a smart home speaker, robots and lots of AI.


—   Share news in the SOC. Networks

Topical videos:

This is interesting!