By Liz Dominguez
What is the true cost of this convenience? Some gadget adopters are reporting invasion of privacy, security risks, and more. For those who have not yet invested in smart home technology, these factors are largely holding them back; in fact, it is the second-biggest reason for hesitation for 17 percent of non-users, behind price (42 percent), according to a recently released report by PricewaterhouseCoopers (PwC), “Smart Home, Seamless Life: Unlocking a Culture of Convenience.” In addition, 56 percent of surveyed individuals stated they would choose encryption to protect their data when creating their own smart home.
What are these misuses of technology that could lead to privacy or security risks? These are a few of the reported instances thus far:
For the typical owner, this may not seem like a significant violation; however, this could lead to another type of home theft in which fraudsters break into homes looking to steal identifying information via smart home gadgets, leaving little to no evidence of their break-in behind. While Barnes installed code for the specific purpose of audio streaming, he clarified that the installation of malware could serve other uses, such as stealing access to a homeowner’s Amazon account, installing ransomware or attacking parts of the network.
According to Young, attackers can use these Google devices to send a link (which could be anything from a tweet to an advertisement) to the connected user; if the link is clicked and the page left opened for about a minute, the attacker is able to obtain a location.
“The difference between this and a basic IP geolocation is the level of precision,” Young said in the article. “For example, if I geo-locate my IP address right now, I get a location that is roughly two miles from my current location at work. For my home internet connection, the IP geo-location is only accurate to about three miles. With my attack demo, however, I’ve been consistently getting locations within about 10 meters [32 feet] of the device.”
Google initially told Young they would not be fixing the problem; however, after going to the press about the issue, Young reports that Google will be releasing an update in mid-July to address the privacy leak for both devices.
Amazon has since reported that the Echo speaker picked up words in Danielle’s background conversations that it interpreted as “wake words” for recording and sending audio to a contact; however, an article published by website The Information last July states that Amazon was considering obtaining recorded conversations and sending transcripts to developers so they can build more responsive software, making it unclear if these devices automatically record audio without waiting for “wake words.”
These Vulnerabilities Could Impact Real Estate
Smart homes are increasing across the country. According to Statista, a statistics website, the estimated value of the North American smart home market will be $27 billion by 2021.
Of course, the vulnerabilities that have cropped up for some users could have an impact on the selling process. For example, some sellers have already begun using their security systems as a way to listen in on prospective buyers or watch them as they visit the listed home, regardless of whether local laws prohibit these recording practices.
Additionally, if homeowners have devices such as Google Home or Amazon Echo, but do not have security cameras, how can they be sure that visiting buyers are not accessing sensitive information through these speakers? While agents always play a role in adding a measure of security by being present during showings, fraudulent activity that is internet-based only, such as obtaining online data through links, will be difficult to identify.