LG wants to put WiFi in every new 2017 device – why that should worry you

Posted on Jan 9, 2017 by Caleb Chen
Share Tweet

wifi

LG, the Korean tech corporation, recently announced at CES that they intended to put wireless access aka WiFi in every one of their new 2017 devices. One such smart device that is slated to hit homes this year is the LG Smart Instaview Refrigerator. With this great innovation, you can tap the 29” screen to see what is inside of your fridge instead of opening the handle and “wasting electricity.” WiFi is used to power Amazon’s Alexa, which will be inside your. While this may seem like a great step towards an interconnected world with smart cities and homes, we should take a step back and consider the security and privacy implications of sticking IP cameras, or other Internet of Things (IoT) devices on your network.

Some companies just don’t care about WiFi security

Just last week, the United States Federal Trade Commission (FTC) filed a suit against popular network device company D-Link. The FTC is filing suit because those at D-Link “repeatedly have failed to take reasonable steps to protect their routers and [Internet Protocol] cameras from widely known and reasonably foreseeable risks of unauthorized access.”

From D-Link’s end, William Brown, their chief security officer has denied the FCC’s claims. He stated:

“D-Link denies the allegations outlined in the complaint and is taking steps to defend the action.”

Even if D-Link provides acceptable security to its users, many vulnerable devices are still around. One researcher, Robert Stephens, found that his device (a webcam) was hacked within 98 seconds of being exposed to the big, bad, world, wide web. That webcam, a JideTech 720p wireless security camera, was bought by the security researcher and many more unsuspecting botnet participants from none other than Amazon – though the item is no longer listed as available. Such webcams and other IoT devices have been used in Mirai botnets for massive DDOS attacks on network infrastructure.

Remember that WiFi security is ultimately the end user’s responsibility

If you have an internet connected device, you can’t trust the provider, you’ll have to ensure your own device security. Additionally, don’t buy used IoT devices, as those can have their own unique but obvious security issues. This is just like the days of wireless when everyone had open, unprotected, unencrypted wireless networks and you could just as easily use your neighbor’s wireless as your own. IoT security is important because once a malicious attacker has control of one device on your network, they are positioned to attack your other devices.

About Caleb Chen

Caleb Chen is a digital currency and privacy advocate who believes we must #KeepOurNetFree, preferably through decentralization. Caleb holds a Master's in Digital Currency from the University of Nicosia as well as a Bachelor's from the University of Virginia. He feels that the world is moving towards a better tomorrow, bit by bit by Bitcoin.

VPN Service

Comments are closed.

8 Comments

  1. Antimon555

    From now on, LG can count me as a non-customer.

    3 years ago
    1. Alan

      Same here

      3 years ago
  2. Georgia Brooks

    Well people like me who have PureVPN installed on their network routers don’t really need to worry about the devices. When the network is protected you don’t need to worry.

    3 years ago
    1. Bobby Tables

      If you think VPN on your routers will protect you from IoT devices leaking your data you are seriously misguided.

      3 years ago
    2. Antimon555

      I certainly wish it was that easy. Unfortunately, it gives very limited protection – it may protect if someone gets sensor data (incl. mic and camera) but no user info, then they can’t correlate that to your IP address, but it’s likely that you have entered your name or something else that can be linked to you into your “smart” device, and then it doesn’t matter. For hacking and malware targeting random IP addresses it doesn’t matter if your access toward the Internet is in your town or on the other side of the planet. It could even be possible that such an attack snoops data on your local network and correlates that to other sensor data such as GPS, defeating the purpose of the VPN altogether. (I’m working on an English post on my blog Integritetsnytt, regarding not this exactly, but the related concept of how to think in order to protect anonymity in times of data sharing and surveys. It’s all about information hygiene. I hope to have it done this month.)

      3 years ago
      1. Georgia Brooks

        Do share it with me. I’d love to give it a read.

        3 years ago
        1. Antimon555

          I don’t think I can link here, so I’ll modify the address, but here you go: integritetsnytt (dot) wordpress (dot) com/2017/01/19/surveys-anonymity-and-data-sharing/

          3 years ago
  3. Bobby Tables

    I guess making appliances IoT devices you can build obsoletness into them… All a company has to do is turn off their server

    3 years ago