Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • Bill Gates talks big mysteries, 'SNL' and disguises in Reddit AMA

    Tech & Science CTV News
    Microsoft founder and billionaire philanthropist Bill Gates joined Reddit users for an "Ask Me Anything" session on Monday, in which he spoke about social isolation, philanthropy, "Saturday Night Live" and the scientific question that puzzles him the most. Source
  • Fly me to the moon: SpaceX taking 2 'private citizens' into lunar orbit

    Tech & Science CTV News
    Money can take you far in this world, and, apparently, even farther off it. Two private citizens will join a crew of SpaceX astronauts on the first-ever mission to orbit the moon in decades, the space flight company announced Monday. Source
  • Study finds odd link between warm climate, slow snowmelt

    Tech & Science CTV News
    DENVER - Researchers say global warming could melt mountain snow more slowly, a peculiar finding that might be bad news for the American West. Scientists have long known snow is starting to melt sooner as the climate warms. Source
  • SpaceX to fly 2 people around the moon by next year

    Tech & Science CBC News
    SpaceX says it will fly two people to orbit the moon next year. The surprising announcement was made by company chief Elon Musk on Monday. Two people who know one another approached the company about sending them on a weeklong flight around the moon — though no landing would be made. Source
  • Solar eclipse darkens skies across Southern Hemisphere

    Tech & Science CBC News
    People in the Southern Hemisphere were treated to a solar eclipse on Sunday. The annular eclipse, sometimes referred to as a "ring of fire," was only seen in parts of Chile and Argentina as well as Angola. Source
  • Watch live: Giraffe prepares to give birth to calf

    Tech & Science CTV News
    As a 15-year-old giraffe named April prepares to give birth at a New York zoo any day now, anyone interested in watching the moment online will be able to stream it on the zoo’s YouTube page as well as CTVNews.ca. Source
  • WHO's 'priority pathogens' list highlights urgent need for new drugs

    Tech & Science CBC News
    The World Health Organization has released its first list of the world's most dangerous superbugs — 12 families of bacterial supervillains considered the most serious threats to human health. The WHO calls it a list of "priority pathogens" because the bacteria have developed resistance to key antibiotic drugs. Source
  • Samsung delays its new phone, showcases tablets instead

    Tech & Science CTV News
    NEW YORK -- Samsung's product showcase Sunday is notable for what's missing: a new flagship phone. Instead, Samsung is spotlighting new Android and Windows tablets after delaying the Galaxy S8 smartphone - an indirect casualty of the unprecedented September recall of the fire-prone Note 7 phone . Source
  • Nokia relaunches iconic 3310 mobile model

    Tech & Science CTV News
    Finnish brand Nokia, a former mobile star, on Sunday launched three new Android smartphones and unveiled a revamped version of its iconic 3310 model more than a decade after it was phased out. Unlike the original, which was known for its sturdiness, the new Nokia 3310 will allow web browsing. Source
  • ZTE launches world's first 5G-ready smartphone

    Tech & Science CTV News
    Chinese telecoms giant ZTE unveiled Sunday what it said is the world's first smartphone compatible with the lightening-fast 5G mobile internet service that networks expect to have up and running by 2020. The company said the Gigabit Phone is the first smartphone capable of download speeds reaching up to 1 gigabit per second (Gbps) -- up to 10 times faster than the first generation of 4G services widely in use today. Source