Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • Google Maps calorie feature yanked out of concern for users with eating disorders

    Tech & Science CTV News
    TORONTO -- A mental health advocate says Google made the right decision to shut down a calorie count feature in its map application that critics said could be damaging to users with eating disorders. The tech company confirmed via email Tuesday that it disabled the function Monday night due to "strong user feedback. Source
  • Why seeing a star crash is a 'watershed moment in astrophysics'

    Tech & Science CBC News
    Scientists have followed gravitational waves to something they've never seen before — the collision of two exotic objects called neutron stars. By observing a fleeting star-like object in the sky in August, they've learned a lot of new things about the universe worth clinking glasses over. Source
  • Smartphone makers duking it out with high-tech features

    Tech & Science CTV News
    The front lines of the battle for smartphone dominance over the coming years have grown clearer after Chinese technology firm Huawei presented an AI-powered phone designed to go head-to-head with Samsung and Apple. Features needed to propel a device into the top end are growing increasingly complex and expensive to develop, meaning only the companies with the deepest expertise and pockets can hope to compete. Source
  • Google offers heightened security for 'high-risk' users

    Tech & Science CTV News
    Google said Tuesday it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The U.S. technology titan said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Source
  • Researchers call for offshore oil action as Newfoundland seabirds vanish

    Tech & Science CTV News
    ST. JOHN'S, N.L. -- Millions of seabirds have vanished since offshore oil production started off Newfoundland 20 years ago, and researchers say there's an urgent need to better monitor related environmental effects. They say a colony of small nocturnal birds called Leach's storm petrels has shrunk dramatically. Source
  • Microsoft rolls out new Windows 10 update and laptops

    Tech & Science CTV News
    In this Thursday, May 11, 2017, file photo, Terry Myerson, executive vice president of the Windows and Devices Group, speaks at the Microsoft Build 2017 developers conference, in Seattle. (AP Photo/Elaine Thompson, File) Source
  • Secret Microsoft database of unfixed vulnerabilities hacked in 2013

    Tech & Science CBC News
    Microsoft Corp's secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group more than four years ago, according to five former employees, in only the second known breach of such a corporate database. Source
  • Study: Eclipse brought an estimated 616K people to Nebraska

    Tech & Science CTV News
    LINCOLN, Neb. -- A study says the solar eclipse brought an estimated 616,000 out-of-state visitors to Nebraska. The study by Dean Runyan and Associates and Destination Analysts Inc. was done for the Nebraska Tourism Commission. Source
  • Light in the sky over U.A.E. likely Russian rocket breaking up

    Tech & Science CTV News
    DUBAI, United Arab Emirates -- A light seen in the night sky over the United Arab Emirates likely was a discarded Russian spaceship breaking up after re-entering the Earth's atmosphere. Those in Abu Dhabi and Dubai shared online videos and pictures of the light seen in the sky Monday night. Source
  • Greenpeace faults many tech giants for environment impact

    Tech & Science CTV News
    SEOUL, Korea, Republic Of -- The environmental group Greenpeace issued a report on Tuesday giving technology titans including Samsung Electronics, Amazon and Huawei low marks for their environmental impact. Many of the biggest technology companies failed to deliver on commitments to reduce emissions of greenhouse gases and are still reluctant to commit fully to renewable energy, according to Greenpeace USA's Guide to Greener Electronics. Source