Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • The race to space: Experts say 2018 will be the year space tourism takes off

    Tech & Science CBC News
    Space. The final frontier, and quite possibly your family's next March Break vacation. Experts say 2018 will be the year space tourism takes off. But while great leaps are being made at what seems like warp speed, it's a venture that's still fraught with issues that go far beyond its out-of-this-world price tag. Source
  • Genetic analysis reveals origins of dog breeds

    Tech & Science CBC News
    In the pages of human history, the paw prints of man's best friend are tracked all over. As companions, guardians, hunters and herders, dogs come in all shapes and sizes, evidenced by the enormous variety of breeds. Source
  • Giant, stinky flower blooms in Edmonton

    Tech & Science CTV News
    EDMONTON -- The sweet smell of NHL playoff success isn't the only aroma that's exciting people in Edmonton. While fans of the Edmonton Oilers celebrated their team taking a 2-0 lead in their second-round series against the Anaheim Ducks on Friday night, a corpse flower known as "Putrella" bloomed at the city's Muttart Conservatory. Source
  • Waterton, Glacier parks get dark-sky designation

    Tech & Science CTV News
    WATERTON, Alta. -- A pair of sister parks straddling the border between Alberta and Montana have received a special designation. The Waterton-Glacier International Peace Park, as the Canadian and U.S. parks are known, have received an International Dark Sky Park designation. Source
  • Robots boldly go where no one has gone before: Bob McDonald

    Tech & Science CBC News
    The robotic Cassini spacecraft that has been orbiting Saturn for the past 13 years began its final and most daring observation of the ringed planet by diving down through a small gap between the rings and the planet itself, a dangerous move never attempted by a spacecraft before. Source
  • Trump administration wins victory in effort to roll back Obama climate change efforts

    Tech & Science CBC News
    At the Trump administration's request, a federal appeals court agreed Friday to postpone a ruling on lawsuits challenging Obama-era restrictions on carbon emissions. The Environmental Protection Agency had asked the court to put a hold on the case shortly after President Donald Trump signed an executive order directing officials to roll back the Clean Power Plan. Source
  • Facebook isn't doing enough to control violent posts, says expert

    Tech & Science CBC News
    more stories from this episodeMeet the godfather of Canada's outlaw biker club, Satan's ChoiceWhat's life worth? Ken Feinberg on victim compensationFacebook isn't doing enough to control violent posts, says expertFull Episode Serena McKay was just 19 when she was killed in Sagkeeng First Nation in northern Manitoba. Source
  • Facebook preparing to fight political propaganda

    Tech & Science CTV News
    NEW YORK -- Facebook is acknowledging that governments or other malicious non-state actors are using its social network to influence political sentiment in ways that could affect national elections. It's a long way from CEO Mark Zuckerberg's assertion back in November that it was "pretty crazy" to think that false news on Facebook influenced the U.S. Source
  • A robot that picks apples? Replacing humans worries some

    Tech & Science CTV News
    SPOKANE, Wash. -- Harvesting Washington state's vast fruit orchards each year requires thousands of farmworkers, and many of them work illegally in the United States. That system eventually could change dramatically as at least two companies are rushing to get robotic fruit-picking machines to market. Source
  • Humpback whale babies 'whisper' to their moms to avoid detection by predators

    Tech & Science CBC News
    Newborn humpback whales "whisper" to their mothers to avoid being detected by predators such as killer whales, new research suggests. Never captured before, the baby whale call recordings were collected using tags placed temporarily on the whales by a team of ecologists in Denmark, Australia and Scotland. Source