Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • Extinction of world's biggest mammals tied to spread of humans

    Tech & Science CBC News
    The spread of humans around the world from Africa thousands of years ago wiped out big mammals in a trend that, if it continues, could make the cow the biggest mammal on Earth in a few centuries' time, a scientific study said on Thursday. Source
  • Trudeau not ready to join British PM's ban on single-use plastics

    Tech & Science CBC News
    Prime Minister Justin Trudeau stopped short today of echoing British Prime Minister Theresa May's call for Commonwealth members to ban single-use plastics — but pointed to a planned discussion at the next G7 summit, being hosted by Canada later this year. Source
  • Alberta university criticized over plan to bestow David Suzuki honorary degree

    Tech & Science CTV News
    EDMONTON - The University of Alberta is being criticized for its decision to give David Suzuki an honorary degree. The university announced earlier this month that the environmentalist will be one of 13 recipients in June. Source
  • Meet the newest 'exploding ant' that sacrifices itself for the good of the colony

    Tech & Science CBC News
    Deep in the forests of Borneo live species of ants with a rather novel way of fending off enemies: they explode. While they were first identified in 1916, no new species have been discovered since 1935. Now, a group of international scientists from multiple disciplines including botany, chemistry and entomology, have discovered 15 more separate species of these kamikaze ants. Source
  • Don't hold your breath: Secret behind super deep-diving ability revealed

    Tech & Science CBC News
    An age-old nomadic community of Southeast Asian boat-dwellers who get their food from the sea appear to have evolved enlarged spleens that may help explain their extreme diving prowess, a new study suggests. The spleen stores oxygen-rich red blood cells that it can release into the bloodstream, enabling divers to hold their breath for longer periods of time under water. Source
  • Put the toolbox away - new robot assembles IKEA chairs

    Tech & Science CTV News
    Sick of struggling with incomprehensible instructions and a baffling array of planks and screws? Help is at hand in the form of a new robot that can assemble an IKEA chair in minutes. The robot, developed by scientists at Singapore's Nanyang Technological University, can put together the wooden IKEA chair in just eight minutes and 55 seconds -- a swift timing that may give even DIY enthusiasts a run for their money. Source
  • Wreckage of warship sunk by Japanese torpedoes discovered off Solomon Islands

    Tech & Science CBC News
    A Microsoft co-founder's mission to locate sunken warships in the South Pacific has chalked up another victory with the discovery of the USS Helena nearly 75 years after it was sunk by Japanese torpedoes in the waters off the Solomon Islands, reviving stories of the battle-tested ship's endurance and the nearly unbelievable survival of 165 of the crewmen. Source
  • 'We are sorry': Facebook execs grilled by Canadian legislators amid Cambridge Analytica scandal

    Tech & Science CBC News
    Senior members of the Facebook leadership team faced a rough ride from MPs on Thursday for their failure to inform more than 600,000 Canadians that their privacy might have been compromised. For more than two years, Facebook knew that the personal information of potentially thousands of Canadians was in the hands of a third party — without their consent, and in contravention of Canadian privacy law. Source
  • Dashing to make a flight? Order food to your gate through a delivery app

    Tech & Science CTV News
    TORONTO -- P.J. Mastracchio is used to dashing through airports only to arrive at his gate and have a terrible feeling start to sink in: hunger pangs. The frequent business traveller's routine rush often leaves him with no time to grab a bite. Source
  • Windsor biologists using 3D printed robo-toads to study mating rituals in Costa Rica

    Tech & Science CBC News
    A research project at the University of Windsor is using 3D printed lookalikes to discover why a species of toad in Costa Rica turns bright yellow for a single day during its mating season. The project started a decade ago when Dan Mennill and Stephanie Doucet witnessed a remarkable transformation while studying birds in Costa Rica. Source