Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • Apple iOS update creates instant storage space

    Tech & Science CTV News
    Time to load up on HD movies and games. Apple device owners may find they suddenly have a lot more storage space for music, videos, photos and apps, thanks to an iOS update that improves the way data is processed and stored on all Apple devices. Source
  • Trump to issue executive order rolling back Obama climate change policies

    Tech & Science CBC News
    President Donald Trump is expected to sign an executive order Tuesday aimed at moving forward on his campaign pledge to unravel former President Barack Obama's plan to curb global warming. The order will suspend, rescind or flag for review more than a half-dozen measures in an effort to boost domestic energy production in the form of fossil fuels. Source
  • 'It's devastating': Documentary reveals 'streams' of water pollution from jean industry

    Tech & Science CTV News
    Those jeans you pull on before running out to the corner store were produced by one of the most toxic industries on the planet, according to a new documentary that explores how clothing manufacturers are poisoning the world's water supply. Source
  • Got camera? Facebook adds more Snapchat-like features

    Tech & Science CTV News
    NEW YORK -- Facebook is adding more Snapchat-like features to its app. The company says it wants to let people's cameras "do the talking" as more people are posting photos and videos instead of blocks of text. Source
  • 2 Canadians win Gairdner Awards for contributions to medical science

    Tech & Science CTV News
    TORONTO -- Two Canadian researchers are among the winners of this year's Gairdner Awards, which recognize some of the most significant medical discoveries made by scientists around the globe. Dr. Antoine Hakim, a professor emeritus of neurology at the University of Ottawa, and Dr. Source
  • Samsung to sell refurbished recalled Note 7 phones

    Tech & Science CTV News
    Samsung announced Monday it would sell some Note 7 smartphones that were recalled for safety reasons as refurbished devices, in an effort to manage its stockpile in an "environmentally friendly" manner. The South Korean giant, the world's largest smartphone maker, said it would sell Note 7s as "refurbished phones or rental phones," after consultations with regulators in various markets. Source
  • Flow reduced in leaking underwater Alaska gas pipeline

    Tech & Science CTV News
    ANCHORAGE, Alaska -- Natural gas spewing into Alaska's Cook Inlet from a ruptured underwater pipeline has been reduced by about half after owners lowered pressure in the line. The pipeline carries gas from onshore to four production platforms owned by Hilcorp Alaska LLC. Source
  • NOAA retires Otto, Matthew as tropical storm names

    Tech & Science CTV News
    Lailoni Kent, 8, of Lake Worth, screams when the pull of the wave was stronger than she thought while playing on the beach and getting photos with her family on Lantana Beach while Hurricane Matthew created big waves, Thursday, Oct. Source
  • 'Australia's own Jurassic Park': Scientists find major dinosaur footprint site

    Tech & Science CTV News
    An 'unprecedented' 21 different types of dinosaur tracks have been found on a stretch of Australia's remote coastline, scientists said Monday, dubbing it the nation's Jurassic Park. Palaeontologists from the University of Queensland and James Cook University said it was the most diverse such discovery in the world, unearthed in rocks up to 140 millions years old in the Kimberley region of Western Australia. Source
  • Pollution talks start after dead dolphin found in NY river

    Tech & Science CTV News
    MOUNT VERNON, N.Y. -- The death of a dolphin in a New York river that empties into Long Island sound has raised questions about water pollution. Officials say the dolphin was found in the Hutchinson River in Mount Vernon Friday afternoon. Source