Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.



Advertisements

Latest Tech & Science News

  • Researchers to look at ways of mitigating impact of Arctic oil spills

    Tech & Science CTV News
    WINNIPEG -- Ottawa and the Manitoba government have announced $4 million in funding for a large-scale research project aimed at helping Canadian companies and agencies be better prepared to mitigate the environmental impact of Arctic oil spills. Source
  • Photos, romance novels inspire computer program's one-of-a-kind songs

    Tech & Science CTV News
    Can an artificial intelligence learn to write songs like a human artist? That's the question researchers at the University of Toronto are trying to tackle, using a library of romance novels and images as inspiration for their computer program. Source
  • Eugene Cernan, last astronaut to walk on moon, dead at 82

    Tech & Science CBC News
    Eugene Cernan, the last astronaut to walk on the moon, an experience that he said made him "belong to the universe," died on Monday at the age of 82, the U.S. space agency said. Cernan, who was also the second man to walk in space, died surrounded by his family, the National Aeronautics and Space Administration said in a statement without providing details. Source
  • Text 911 for help? CRTC holds hearing on upgrading emergency services

    Tech & Science CBC News
    You may one day be able to text 911 for help, send a photo, or even share video of a bad guy fleeing a scene. The next generation of 911 services is the subject of a Canadian Radio-television and Telecommunications Commission (CRTC) hearing that started Monday. Source
  • Gene Cernan, last astronaut on the moon, dies at 82

    Tech & Science CTV News
    Former astronaut Gene Cernan, the last person to walk on the moon who returned to Earth with a message of "peace and hope for all mankind," died on Monday in Texas following ongoing heath issues, his family said. Source
  • Tecla Shield helps people with physical impairments use mobile devices

    Tech & Science Toronto Sun
    TORONTO — Mauricio Meza says the problem with using traditional assisted devices for communication is they're expensive and don't always work well. “The kind of device Stephen Hawking uses to communicate (costs) $10,000,” the CEO of Toronto tech start-up Komodo OpenLab Inc. Source
  • Why a Canadian teen joined American youth in suing U.S. over climate change

    Tech & Science CBC News
    All his life, Jacob Lebel has felt a special connection to the land, in rural Quebec where he was born and in Eugene, Ore., where he now lives and farms. Lebel, 19, is passionate about preserving the environment and doing what is necessary to prevent climate change. Source
  • Yukon home to 1st traces of humans in North America 24,000 years ago, research suggests

    Tech & Science CBC News
    Humans may have been living in Yukon's Bluefish Caves 10,000 years earlier than previously thought, new research from the University of Montreal suggests. If confirmed, this would make it the oldest known archeological site in North America, representing the earliest evidence found so far of humans in North America. Source
  • Chin up! Blue Monday is not the saddest day of the year

    Tech & Science CBC News
    A specialist in suicide prevention with Horizon Health says too much is made of Blue Monday, which popular culture suggests is the most depressing day of the year. By early January, references to Blue Monday were already popping up on social media, some as offers of support to people expecting to feel sad on the third Monday of January. Source
  • Academics work to preserve millions of colonial documents in Cuba

    Tech & Science CTV News
    HAVANA -- An American team of academics is racing to preserve millions of Cuban historical documents before they are lost to the elements and poor storage conditions. Many of the documents shed light on the slave trade, an integral part of Cuba's colonial history that was intertwined with that of the United States. Source