According to HP’s report on the Internet of Things, there will be 25 billion connected things (that’s a technical term) by the year 2020. On the way to the year 2020, as we walk this crazy road, we keep finding that there are a ton of unsatisfactorily un-securable features to poorly keep intruders out.
Why bother?
Without naming names, here is a list of the worst security features of the best selling products available today:
- 100% of device interfaces allowed the use of weak passwords
- 100% lacked an account lockout mechanism to prevent automatic attacks like brute force, or dictionary attacks
- 100% are vulnerable to account harvesting, allowing attackers to guess login credentials and gain access
- Some systems allowed to view video without authentication if they were local on the wifi or straight plugged into the network
- 50% exhibited improperly configured or poorly implemented SSL/TLS
- 70% allowed unrestricted account enumeration through their cloud-based web interface
- 50% allowed unrestricted account enumeration through mobile application interface
- 60% didn’t allow update capabilities
- 100% didn’t allow for automatic update functionality
The long and short of it, is the future is going to be very hackable.