Although it's a rapidly growing space, the smart home realm isn't without its pain points. Notably, security is a huge concern. That's because of a few reasons. With such expansion and adoption, technology debuts faster, and testing isn't able to detect vulnerabilities. Moreover, the Internet of Things (IoT) is still pretty fresh. As such, it's littered with loophooles. Now, security flaws found in Insteon and Wink systems plague the popular connected devices. [Read: Google home vs Amazon Echo: Which is better for smart home control]
Security flaws found in Insteon and Wink: What this means
Vulnerabilites are never good, and this particular set of flaws that researchers uncovered it nasty. Essentially, hackers could access Wink and Insteon systems. As Internet of Business reports, Rapid7 security researchers found that Wink's Hub 2 and Insteon's Hub overlooked sensitive credentials related to Android apps. Therefore, these gadgets which connect a variety of IoT devices allow potential access to sensitive data. [Read: DIY home security system buying guide – 6 things to look for to help your decision]
Plus, Rapid7 asserts that Wink's cloud-based management API fails to expire and revoke authentication tokens. It doesn't look any better for Insteon. Because its Hub employs unencrypted radio transmission protocols, there's an even greater security threat for the likes of garage door locks. [Read: 5 best wireless outdoor security cameras 2017 – Wireless outdoor security cameras to monitor your home]
What do to next for security flaws in Wink and Insteon
While both vendors have (at the time of this posting) yet to address the issues, Rapid7 offers a few suggestions. Namely, ensure full disk encryption is enabled for your mobile devices. Although it's disconcerting to discover these vulnerabilities, the problems have come to light. Thus, users may protect themselves as best they can. Additionally, with vendors made aware, ideally patches will roll out shortly.
However, what's frightening is considering what vulnerabilities haven't been discovered. Ironically, some home security gadgets or hubs may even prove detrimental to security. Nevertheles, there's a lot that both individuals and businesses can do to bolster IoT security. Luckily, some threats, though inconvenient, may be totally goofy. For instance, a hack which had fridges sending out spam emails.
Are you concerned about the security flaws found in Insteon and Wink?