Deutsch
Español
Français
Italiano
Nederlands
Polski
Português
Русский
Türkçe
Svenska
Chinese
MagyarCheckMag | Toothbrush botnet isn't as far-fetched as it seems as there are plenty of connected devices that could get you hacked
Anything connected to the internet is a potential attack vector for unscrupulous types. This is why public infrastructure, government and weapon control systems are often “air gapped”, the practice of completely isolating them from other connected devices or networks. Even then they can be open to attack.
However, manufacturers and buyers in the consumer space seem to be obsessed with connecting anything and everything to the internet. The problem is, that once a product has been purchased by the consumer the money is in the bank. There is little to no incentive to keep investing in the security of that device, particularly those without a reputation to uphold.
To say that everything you buy from China is a security risk might seem unfair. There are plenty of big name manufacturers with devices that have been, or have the potential to be compromised. But products from mainstream brands are protected by IP and are far less likely to be copied. The problem with Chinese products from the likes of Aliexpress, Temu and even Amazon, is that they are often repackaged under different brands.
The latest round of products to be highlighted this month are smart doorbells, where Engadget notes that a number of products from manufacturer “Eken” (but sold under 6 different brands) can be easily compromised and offer poor security. But this isn’t a new story, Which reported back in 2020 that 11 of its tested doorbells demonstrated significant security issues and yet these products continue to be sold on online marketplaces with five star reviews. If it isn’t doorbells, it’s baby monitors, Android TV boxes or security cameras.
While it’s easy to blame the manufacturers, or even the marketplaces selling these products, the fact is that while there is a demand for cheap connected devices, manufacturers and retailers will continue to build and sell them. Alas, the people buying these products probably aren't informed Notebookcheck readers, more the uninformed consumers looking for a bargain basement product that offers the same features as their pricier relatives. But as the old adage goes, “you get what you pay for”.
A toothbrush, or any device that works behind a bluetooth connection is fairly unlikely to be a significant threat. (Although they can run Doom) But what happens if the app gets compromised, or is intentionally loaded with malware?
Perhaps the question we should be asking is; does a toothbrush or a set of scales really need to be connected to anything? People have been brushing teeth for thousands of years without requiring an internet connection. It seems like consumers have gone beyond convenience and started buying solutions to problems that don’t exist.
In reality, we can’t expect manufacturers or retailers to fix this problem for us. Instead, we need to quell our thirst for bargains and stop buying these products altogether. If you absolutely are determined to buy a connected device, get one from a reputable manufacturer (like this Ring Doorbell on sale from Amazon*) or at least keep it locked behind your router and use a secure VPN like Wireguard to access your home network from outside.
Source(s)
