Webcam search engine raises privacy concerns for connected devices

TORONTO -- A young child asleep on a couch in Israel. Mourners huddled together at a small funeral in Brazil.

See Full Article

An elderly woman stretching in a fitness centre in Poland. All available for anyone to watch via the unsecured webcams overhead.

This isn't "1984," it's the world in 2016. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don't ask for a username or password.

Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.

Anne Cavoukian, former Ontario privacy commissioner and now the executive director of the Privacy and Big Data Institute at Ryerson University, said she was appalled when she saw the Shodan webcam search in action.

Yet, she said, it's only a symptom of the wider problem with the so-called Internet of Things, where many webcams and other connected devices such as wearables, TVs and thermostats ship with a low level of security -- and some with none at all.

"It allows people to steal glimpses of personal spaces in people's homes, places of work, or inside a hospital -- our most private spaces," she said.

Emails sent to Shodan's general inbox requesting comment were not answered.

Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.

She said it's not enough for companies to give consumers the option to turn on security and privacy measures, because many customers don't have the time or the know-how to dig through the options of every device they own.

And the responsibility of companies to secure their products has never been more urgent, she said, as computers and networks are increasingly invading the home in cars, refrigerators, wearable devices and even baby monitors.

"The minute someone outside has eyes through these webcams into these networks, they're going to see and know everything," she said.

Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.

"Designing specifically for various security levels gets more complicated, more involved, with more testing," he said. "Programmers take the easy route in enabling as many features as you can."

Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it's accessing and why it needs to do so.

"We're going to learn these things as we evolve, but I think it's incumbent on the vendors to provide enough information to help the user make a decision," he said.

Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.

Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.

That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.

What's worse, he said, is that while auto companies have procedures in place to contact customers and deal with defective products, digital equipment manufacturers often have no idea who is buying and using their products.

"Most people haven't ever updated their router or updated the firmware on their webcam," he said.


Latest Tech & Science News

  • Energy saving rules mean more net zero home builds, incentives to retrofit older homes

    Tech & Science CBC News
    The federal government wants existing homes to be more energy efficient and for developers to build more net zero homes. Very shortly the Liberal government is expected to introduce changes to the national building code that will require builders to include more net zero homes — buildings that produce as much energy as they use — in housing developments in the next 15 years. Source
  • Sunflower sea star nearly wiped out by virus in B.C., Washington waters: report

    Tech & Science CTV News
    VANCOUVER -- There was once a galaxy of sunflower sea stars in the Salish Sea off the B.C. and Washington state coasts, but a new study says the animal's near disappearance from the ocean floor should be of special concern. Source
  • Canadians now spending more on Internet access than on television

    Tech & Science Toronto Sun
    OTTAWA - Canadians spent more on Internet access than television services for the first time last year, according to a report by the CRTC. The Canadian Radio-television and Telecommunications Commission said that in 2015 communications service industry revenues from Internet access were $9.8 billion, while subscription television services accounted for $8.9 billion. Source
  • Stop looking at your phone: Majority of Canadians support legislation to ban distracted walking

    Tech & Science CBC News
    A new poll suggests the majority of Canadians are in support of regulations to ban distracted walking. Market research company Insights West asked 1,013 people across the country if they would support or oppose legislation that would forbid the use of hand-held cellphones while walking in roadways such as intersections. Source
  • Robotics conference in Beijing highlights intelligent robots

    Tech & Science CBC News
    Air Date: Oct 26, 2016 12:59 PM ET Source
  • Amazon's Alexa voice assistant arrives on Fire tablets

    Tech & Science CTV News
    NEW YORK -- Amazon's Fire tablets are getting the Alexa voice assistant. The previously announced feature will start rolling out to customers Wednesday. It's meant to complement what users get on other Alexa devices, such as the Echo speaker. Source
  • Rehabilitated orangutans freed in Borneo as species dwindles

    Tech & Science CTV News
    KEHJE SEWEN FOREST, Indonesia -- Jamur didn't hesitate as the door of her temporary cramped quarters slid open. In less than a second, the stocky red-haired orangutan was savoring freedom for the first time in nearly two decades. Source
  • Muskrat Falls unrest simmered for years: a look back at methylmercury concerns

    Tech & Science CBC News
    Concerns over methylmercury contamination at Muskrat Falls boiled over this month, but tensions around the multi-billion dollar hydroelectric project in Labrador have been percolating for years. Protesters marched on the Muskrat Falls construction site twice this month — worried that impending flooding would result in dangerous levels of methylmercury in Lake Melville, and would contaminate fish, seal and seabirds downstream. Source
  • 'There's no way for you to know': Why so-called smart devices are putting us all at risk

    Tech & Science CBC News
    Last Friday's massive cyberattacks should serve as a "wake-up call" and a warning to consumers that smart devices designed to make our lives more convenient are also making us unsafe, security analysts warn. Source
  • Updates and fixes in store for iOS and Android

    Tech & Science CTV News
    A few weeks after launching the latest versions of their mobile operating systems iOS and Android, Apple and Google are both rolling out updates to fix bugs and bring new functions to the platforms. iOS 10.1 Source