Notwithstanding the exciting possibilities of internet connected fridges, there are some cases of fridge that have security vulnerabilities & should be harsh lesson for all Internet of Things (IoT) vendors.

Two Internet Refrigerator Products & Security Risks Case Studies

Contributed by | Jogmon

 

The classic Internet connected home of the future automatically orders milk from the local store when it’s running low in the fridge. While that maybe sometime away, here are two companies integrating your fridge to the internet showing you some possibilities & two security risk case studies from these connected devices.

 

Samsung RF28HMELBSR Internet Fridge

The Samsung 4-Door refrigerator with 8" Wi-Fi Enabled LCD will allow you to browse the web, access apps and connect to other Samsung smart devices – opening up a world of interactive communication and entertainment.

 

ChillHub by FirstBuild

 

FirstBuild is a partnership between GE Appliances and Local Motors to create a new model for the appliance industry, engaging a community of industrial designers, scientists, engineers, makers and early adopters to address some of the toughest engineering challenges and innovations. ChillHub is a refrigerator with USB capabilities and WiFi connected. This will give developers a platform to create awesome new add-on products like a butter softener compartment, food scale/weight sensor, deodorizer, auto-fill water pitcher, temperature modules, baby bottle IR, external speakers, voice control, etc.

Notwithstanding the exciting possibilities of internet connected fridges, there are some cases of fridge that have security vulnerabilities & should be harsh lesson for all Internet of Things (IoT) vendors. Here are two examples of Security Risks from Internet fridges:

 

Samsung Internet fridge Security Vulnerability

Whilst the fridge implements SSL, it FAILS to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. This includes those made to Google's servers to download Gmail calendar information for the on-screen display. So, MITM the victim’s fridge from next door, or on the road outside and you can potentially steal their Google credentials.

 

IoT Attack Uncovered by Proofpoint

The global attack campaign involved more than 750,000 malicious email communications coming from more than 100,000 everyday consumer gadgets such as home-networking routers, connected multi-media centers, televisions and at least one refrigerator that had been compromised and used as a platform to launch attacks. The attack that Proofpoint observed and profiled occurred between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting Enterprises and individuals worldwide. More than 25 percent of the volume was sent by things that were not conventional laptops, desktop computers or mobile devices; instead, the emails were sent by everyday consumer gadgets such as compromised home-networking routers, connected multi-media centers, televisions and at least one refrigerator. No more than 10 emails were initiated from any single IP address, making the attack difficult to block based on location -- and in many cases, the devices had not been subject to a sophisticated compromise; instead, misconfiguration and the use of default passwords left the devices completely exposed on public networks, available for takeover and use.

 

About Jogmon
Jogmon covers open source, sensors, IoT & related topics.

 


Comments (0)

This post does not have any comments. Be the first to leave a comment below.


Post A Comment

You must be logged in before you can post a comment. Login now.

Featured Product

Advanced UPB Lighting Packages from Simply Automated

Advanced UPB Lighting Packages from Simply Automated

Custom scenes (connecting up to 250 switches) in your living, family or great room, kitchen, study, master bedroom/bathroom, and office. Turn off all lights in your home at the touch of a button. Automatically (Timer Scheduler) turn on/off outdoor security lights, heating and AC, or provide night light convenience anywhere in your home. From creating a virtual 3 way switch anywhere in your home, to turning a group of lights when your garage door is opened, door bell or phone rings.