Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • Rio2016, Election2016, PokemonGo top global Twitter trends

    Tech & Science CTV News
    The Rio Olympics, the American presidential election and Pokemon Go were the top global trends on Twitter in 2016. The social media site says Rio2016 was the most tweeted-about topic around the world, followed by Election2016 and PokemonGo. Source
  • Tech companies move to target terrorist propaganda online

    Tech & Science CTV News
    WASHINGTON -- Facebook, Microsoft, Twitter and YouTube are joining forces to more quickly identify the worst terrorist propaganda and prevent it from spreading online. The new program announced Monday would create a database of unique digital "fingerprints" to help automatically identify videos or images the companies could remove. Source
  • IBM begins beta testing to teach Watson more to combat cybercrime

    Tech & Science CTV News
    FREDERICTON -- Just seven months after IBM announced it would begin teaching its Watson computer system to fight cybercrime, the company is graduating Watson to the next level of instruction. Caleb Barlow, vice-president of IBM Security, says 40 organizations will begin beta testing of the cognitive technology. Source
  • Rhode Island School of Design works with NASA on Mars suit

    Tech & Science CTV News
    PROVIDENCE, R.I. -- When scientists are trying to figure out how to live in near-isolation in a dome to simulate a Mars mission, the last thing they'll need is an ill-fitting space suit. So one of the nation's top design schools has come to the rescue. Source
  • Track friends and family in real-time with Google's new 'Trusted Contacts' app

    Tech & Science CTV News
    A new personal safety app by Google released on Dec. 5 enables users to follow the movements of "Trusted" contacts in real-time and vice versa. Google's latest app is advertised as the solution to getting in touch with a person when they aren't necessarily available to talk, such as in a meeting, on a run or, in extreme cases, during a medical emergency. Source
  • The science of studying: How students can put their brains to best use

    Tech & Science CBC News
    It's that time of year again: exams are here and students around the country are busy trying to cram as much information into their brains as they can. Trying to retain several months' worth of information in a stressful situation can be challenging. Source
  • World's first polluted river was contaminated by Neolithic humans learning to smelt 7,000 years ago

    Tech & Science CBC News
    Neolithic humans who were learning how to smelt were responsible for the world's first polluted river approximately 7,000 years ago, a team of international researchers has found. The riverbed in the Wadi Faynan region of southern Jordan is now dry, but researchers found evidence of pollution caused by heating blue-green copper ore and charcoal over fire during the Copper Age. Source
  • Warming to trigger 3 times as many downpours in U.S.: study

    Tech & Science CTV News
    WASHINGTON -- Extreme downpours -- like those that flooded Louisiana, Houston and West Virginia earlier this year -- will happen nearly three times as often in the United States by the end of the century, and six times more frequently in parts of the Mississippi Delta, according to a new study. Source
  • Campaign aims to educate Canada's youth about changing technology

    Tech & Science CTV News
    OTTAWA - A campaign aimed at encouraging young people to get into computer programming is getting a boost from Justin Trudeau. The prime minister is set to join the co-founders of Canada Learning Code and Code.org today to mark the launch of Computer Science Education Week at an event called Hour of Code, with several dozen students gathered at Ottawa-based e-commerce firm Shopify. Source
  • Fukushima reactor briefly loses cooling during inspection

    Tech & Science CTV News
    TOKYO -- One of the melted reactors at the tsunami-hit Fukushima nuclear power plant had a temporary loss of cooling Monday when a worker accidentally bumped a switch while passing through a narrow isle of switch panels during an inspection and turned off the pumping system. Source