A vulnerability was found by some white-hat hackers who researched how to obtain the wifi passwords of homes that had super cool lights that could be turned on, off, or dimmed by an app on a phone (both IOS and Android). This was possible by anyone within 30 feet of a bulb because the pre-shared key is never changed, thusly it is easier to determine what the password is. Researchers say “Armed with knowledge of the encryption algorithm, key, initialization vector, and an understanding of the mesh network protocol we could then inject packets into the mesh network, capture the Wi-Fi details, and decrypt the credentials, all without any prior authentication or alerting of our presence,” .
More details here.
In the not too distant past, Adam and Heather woke in the middle of the night to hear someone screaming at their baby through their Internet connected baby monitor.
. If I was a new parent with little to no knowledge of the Internet, that would freak me out. More about this story here.
This is why user awareness is a must. Even for those who have no interest in technology. We cyber-security minded folk must engage with those around us and educate them on possible threats. When devices are engineered, it should force the change of defaults and give depictions of why defaults should be changed to make people understand. Not just in text either, but with pictures or videos, or voice. The Internet of Things, where every device is connected to the Internet, will be a scary place.