Intelligent lighting is questioned, system vulnerability is high risk

In the face of this coming new era of intelligence, the security guards in the IT industry are worried, because it also means that the security of the Internet will penetrate and pervade almost all corners of human life. At least, in the view of Tan Xiaosheng, the vice president and chief privacy officer of 360, it will be an era of "vulnerabilities".

Tan Xiaosheng, who returned from the "Black Hat Conference" in Las Vegas, USA, witnessed a demonstration team successfully cracking 22 devices in 45 minutes. He pointed out that the creation of an impeccable intelligent system is a goal pursued by mankind. However, due to the natural defects of computer systems, the probability of realization is very small, and any system may become the target of attack.

"In the future, not only will a device be cracked, but 10 devices will be cracked; not only will your mobile phone be attacked, but your smart wristband, smart glasses, and other portable or household devices may face security risks. Tan Xiaosheng said in an interview.

He takes the example of smart TVs that are currently more in contact with Chinese consumers. Most smart TVs have cameras for users to play games. "When this combination is successfully invaded by hackers, then when the user turns on and off the TV every day, what kind of TV programs are watched, and even no one in the house, these privacys will be completely leaked, and the impact will be more than ordinary people imagine. It is even more serious."

He also pointed out that some smart TV set-top boxes have a sound control system that recognizes speech and, if cracked, becomes a hacker's bug.

The Internet of Vehicles is a part of the Internet of Things. Some of the current driving software has realized remote opening, locking of doors, remote navigation and repair failures. However, Tan Xiaosheng also reminded that while enjoying convenient services, from the vehicle electronic control system to 3G, 4G network communication links, remote server application interfaces, cloud back-end systems and mobile APP security, any loop of security holes, It will have a serious impact on the entire Internet of Vehicles system and even threaten the safety of drivers and passengers.

These are just the tip of the iceberg. In the broad future of the Internet of Things, networking devices such as microwave ovens, refrigerators, and water heaters will face more security risks. "Every piece of compromised equipment can become a spy machine or even a weapon." Tan Xiaosheng said, "Imagine when you bathe, the hacker raises the water temperature to 90 degrees by trapping your water heater, isn't it? Very scary?"

In China, the Internet of Things application is still in its infancy, and most of the companies involved in the enterprise are investing more in application research and development. The safety considerations and R&D investment are almost zero.

"These devices and systems will be destroyed by security vulnerabilities after they have been put into the market in a large scale. Once the vulnerabilities are exposed, the cost of post-repair and upgrade is extremely high, just as the case of the hotel lighting system being invaded is thought-provoking." Tan Xiaosheng said.

According to reports, at the 2014 "Black Hat Conference" in the United States, from the smart dashboard of the car to the Nest smart thermostat, the hackers broke the line of defense. Former Trusted Computing Group Chairman Jesus Molina showed the audience how to use an unsafe protocol to control the hotel's lighting.

The security consultant stayed at a five-star hotel in Shenzhen on a business trip. This hotel offers an iPad for each room, which can be used to control the lighting of the room. Because of the boring leisure time, Jesus Molina researched the iPad and found that the device communicated with the lighting accessories through the hotel's Internet service, and the communication commands did not have any security settings. So, he simply modified the last bit of the device's IP address to control another device; then, he wrote a script on the iPad that controlled the opening and closing of the 200 room lights.

For the test, Jesus Molina changed the room 4 times and also alerted the hotel manager. He even wanted to try to invade the door lock control system, but he felt a little scared and gave up. Later, he contacted the parent company of the hotel, which patched the system vulnerability.

China's Internet Security Conference will be held in Beijing this month. As one of the organizers, 360 has launched a series of hardware products in the field of IoT security, such as child guards, security cameras and security routers. Among them, the security router, as the network center and control hub of the future home contact various smart home devices, will play a role in ensuring the security of data transmission of these devices and protecting against network attacks.

Tan Xiaosheng pointed out that China's router manufacturers are seriously concerned about security. In the past year, millions of routers have been "black", and routers with security vulnerabilities have reached tens of millions.

"We are doing security products, but what we really need is product security." Tan Xiaosheng said, "And the real problem-solving is that the entire industry chain pays attention to security issues, especially for smart device manufacturers to pay attention to security issues."

Watch For Men

Jinhu Weibao Trading Co., Ltd , https://www.weibaoxd.com