
Home Automation Benchmarking Report


Home Automation Benchmarking Report


Synack completed a benchmarking test of a series of home automation devices, from cameras to home automation controllers to thermostats. The devices were examined head to head to derive conclusions on the relative state of security across the board. Interested in what we found?



  1. www.synack.com Home Automation Benchmarking
  2. Project Scope
     Cameras: Dlink DCS-2132L, Dropcam Pro, Foscam FI9826W, Simplicam, Withings Baby Monitor
     Thermostats: Ecobee, Hive, Honeywell Lyric, Nest Thermostat
     Smoke / CO: First Alert SC9120B, Kidde i2010S, Nest Protect
     Home Automation Controllers: Control4 HC-250, Lowes Iris, Revolv, SmartThings
  3. Cameras
     Best product qualities
     • All communications encrypted
     • No public services
     • Automatic firmware updates
     • No default credentials
     • Hardwired connection available
     • Public firmware is encrypted to some extent
     • Credential change required on first boot
     • Encrypted automatic updates
     • Lost communications alerting
     • Automatic firmware updates
     Worst product qualities
     • No hardwired connection
     • No SSL pinning in mobile app
     • Communications default to unencrypted
     • Obfuscates, rather than secures, data in transit
     • Publicly available firmware
     • Maximum 12-character passwords
     • Communications default to unencrypted
     • Obfuscates, rather than secures, data in transit
     • Weak password policy
     • No certificate validation
     • Multiple communications are unencrypted
     • Credentials easily pulled from backups
     • Hard-coded shared password
     • Considerable network footprint
     * The qualities outlined for each product are a result of individual product analysis conducted in isolation from the other products examined in this research.
  4. Thermostats
     Best product qualities
     • All communications encrypted
     • Automatic firmware updates
     • Proper SSL usage / encrypted traffic
     • Public firmware is encrypted to some extent
     • Credential change required on first boot
     • Built on widely used platform
     • Automatic firmware updates
     • Encrypted communication
     Worst product qualities
     • Weak password policy
     • Weak password policy
     • Easily guessable configuration token used
     • Lack of SSL pinning in mobile app
     • Insecure initial configuration
     • History of vulnerabilities across product lines
     • Not all traffic is encrypted
     • Moderate password policy
  5. Smoke and CO Detectors
     Best product qualities
     • Audible power loss notification
     • Encrypted network communication
     • Difficult to tamper with
     • Impossible to remotely hack, because it lacks connectivity
     • Impossible to remotely hack, because it lacks connectivity
     Worst product qualities
     • Weak password policy
     • Custom configuration protocol / short pairing codes
     • Not applicable because this is not a "smart" device
     • Not applicable because this is not a "smart" device
  6. Home Automation Controllers
     Best product qualities
     • Encrypted communications
     • Strong pairing mechanics
     • Encrypted communications
     • Notified if it goes offline
     • Strong password policy
     • Encrypted communications
     • Automatic firmware updates
     Worst product qualities
     • Unsigned firmware
     • Custom remote management feature
     • Open ports
     • Hardcoded API keys
     • Weak password policy
     • Exposed telnet service
     • History of unpatched security issues
     • Built-in unauthenticated remote management feature
     • Moderate password policy
  7. Takeaways
     • Overall, IoT security is poor, with cameras scoring the lowest
     • With few exceptions, Nest leads the industry in security practices
     • A "sinking tide" incident, one that lowers trust in the whole category rather than in a single vendor, will likely hit home automation
     • The industry needs some basic standards to set the bar
  8. Areas to Watch
     Wi-Fi Jamming
     • With few exceptions, all Wi-Fi devices are susceptible to jamming
     • Diversification of the spectrum used (2.4 GHz + 5 GHz, etc.) reduces the risk
     • Hardwired Ethernet options also reduce the risk
     • Jamming and network-down incidents should result in a proactive alert to the user; because the jammed device cannot send anything, that alert has to come from the hub or cloud side that notices the device has gone silent
     Password Strength, Reuse, and Attack Resistance
     • Basic password strength requirements should be enforced
     • Countermeasures against both vertical password guessing (many passwords against one account) and horizontal guessing (one password sprayed across many accounts) should be implemented at the application and network layers
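The two guessing patterns named on the slide need separate counters: a per-account lockout on its own never notices a spray, because each account only ever sees one failure. The following is an added example written for this page, not Synack's code or any vendor's: a login throttle that tracks failures per account (vertical) and per source address (horizontal) in a sliding window, next to a minimal strength check. The thresholds, the blocklist, and the accounts and addresses used in `demo()` are constructed values chosen for the example.

```python
"""Login throttling against vertical and horizontal password guessing (added example)."""
import time
from collections import defaultdict, deque

# Policy values are assumptions chosen for this example, not figures from the report.
MIN_LENGTH = 12          # basic strength floor
MAX_PER_ACCOUNT = 5      # vertical: failures against one account per window
MAX_PER_SOURCE = 20      # horizontal: failures from one source across all accounts
WINDOW_SECONDS = 300     # sliding window for both counters

# Constructed blocklist; a real deployment would check against a breached-password list.
COMMON_PASSWORDS = {"password", "123456", "12345678", "qwerty", "admin", "letmein"}


def password_acceptable(password: str) -> bool:
    """Reject short passwords, and well-known ones regardless of length."""
    return len(password) >= MIN_LENGTH and password.lower() not in COMMON_PASSWORDS


class LoginThrottle:
    """Sliding-window failure counters keyed by account and by source address."""

    def __init__(self, now=time.monotonic):
        self._now = now                       # injectable clock so the scenario below is deterministic
        self._by_account = defaultdict(deque)
        self._by_source = defaultdict(deque)

    def _recent(self, failures: deque, now: float) -> int:
        while failures and now - failures[0] > WINDOW_SECONDS:   # drop failures outside the window
            failures.popleft()
        return len(failures)

    def allowed(self, account: str, source: str) -> bool:
        now = self._now()
        return (self._recent(self._by_account[account], now) < MAX_PER_ACCOUNT
                and self._recent(self._by_source[source], now) < MAX_PER_SOURCE)

    def attempt(self, account: str, source: str, password: str, verify) -> str:
        """Return 'throttled', 'denied' or 'ok'. verify(account, password) is the credential
        check; throttling is decided before it runs, so a throttled attempt gives the
        attacker no feedback about the password and is not counted as a failure."""
        if not self.allowed(account, source):
            return "throttled"
        if verify(account, password):
            self._by_account.pop(account, None)   # a successful login clears the account counter
            return "ok"
        now = self._now()
        self._by_account[account].append(now)
        self._by_source[source].append(now)
        return "denied"


def demo() -> dict:
    """Constructed scenario: a vertical attack, a spray, then a legitimate login."""
    clock = [1000.0]
    throttle = LoginThrottle(now=lambda: clock[0])
    users = {"alice": "correct-horse-battery-staple", "bob": "orbit-walnut-39-lantern"}
    verify = lambda account, password: users.get(account) == password

    # Vertical: one source makes ten guesses against alice.
    vertical = [throttle.attempt("alice", "10.0.0.5", f"guess{i}", verify) for i in range(10)]
    # Horizontal: another source tries one seasonal password against thirty accounts.
    horizontal = [throttle.attempt(f"user{i}", "10.0.0.9", "Winter2024!", verify) for i in range(30)]
    # A legitimate login from an unrelated source is unaffected.
    legit = throttle.attempt("bob", "10.0.0.7", "orbit-walnut-39-lantern", verify)
    return {"vertical": vertical, "horizontal": horizontal, "legit": legit}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

In the scenario the vertical attacker is stopped after five failures and the spray after twenty, without either counter interfering with the other. The per-account counter does mean an attacker can lock a victim out on purpose, which is why application-layer deployments usually pair it with progressive delays or a CAPTCHA rather than a hard lock, and why the network layer (per-source rate limiting at the edge) carries the horizontal half of the defence.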
  9. Areas to Watch
     Unencrypted and Unauthenticated Communications
     • All communications should be encrypted in both directions
     • Unauthenticated servers, communications and services should not be allowed
     Misconfiguration of Encryption
     • Independent encryption architecture reviews should always be performed. There are thousands of ways to get it wrong, and only a handful of ways to get it right
     • SSL pinning should be used to prevent man-in-the-middle attacks
     • Certificate validation should always be performed against a trusted third-party root (a CA the client ships with), not merely against whatever certificate the server presents
     • Self-signed certificates should never be used
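Several of the camera and thermostat findings on the earlier slides (no certificate validation, no SSL pinning in the mobile app, obfuscation in place of encryption) are client-side TLS mistakes rather than exotic cryptographic ones. The following is an added example for this page, not code from the report or from any vendor's app: the weak client context beside the corrected one, an audit helper that tells them apart, and a connection routine that pins the server certificate only after a fully validated handshake. `SAMPLE_LEAF_DER` is a constructed stand-in for a real DER-encoded certificate and the pin list derived from it is an assumption; in a product the pin is computed from the vendor's real certificate and shipped in firmware or the app.

```python
"""Client TLS: the weak configuration, the corrected one, and certificate pinning (added example)."""
import base64
import hashlib
import socket
import ssl


def insecure_context() -> ssl.SSLContext:
    """The pattern behind 'no certificate validation': any certificate from anyone is
    accepted, so an on-path attacker can terminate TLS with a certificate of their own."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode can be lowered
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def secure_context(cafile=None) -> ssl.SSLContext:
    """Chain validated against a trusted CA store, hostname checked, TLS 1.2 or newer.
    cafile is optional; with None the platform's default trust store is used."""
    ctx = ssl.create_default_context(cafile=cafile)   # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_safe(ctx: ssl.SSLContext) -> bool:
    """Audit check: both CA verification and hostname verification must be on."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def cert_pin(der: bytes) -> str:
    """Pin format used here: base64(SHA-256(DER certificate))."""
    return base64.b64encode(hashlib.sha256(der).digest()).decode("ascii")


def pin_matches(der: bytes, pins) -> bool:
    """Accept the certificate only if its pin is on the shipped list. Ship at least one
    backup pin as well, so a certificate rotation does not strand deployed devices."""
    return cert_pin(der) in set(pins)


def connect_pinned(host: str, port: int, pins, cafile=None) -> str:
    """Validated handshake first, then the pin check on the leaf the server actually
    presented. Pinning is layered on top of validation, never a replacement for it."""
    ctx = secure_context(cafile)
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            leaf = tls.getpeercert(binary_form=True)
            if leaf is None or not pin_matches(leaf, pins):
                raise ssl.SSLCertVerificationError(f"certificate pin mismatch for {host}")
            return tls.version()


# Constructed stand-in for a DER-encoded leaf certificate (not a real certificate);
# a deployment computes the pin from the vendor's actual certificate instead.
SAMPLE_LEAF_DER = b"\x30\x82\x01\x00" + bytes(range(256))
SHIPPED_PINS = [cert_pin(SAMPLE_LEAF_DER)]

if __name__ == "__main__":
    print("insecure context safe?", context_is_safe(insecure_context()))
    print("secure context safe?", context_is_safe(secure_context()))
    print("sample leaf pinned?", pin_matches(SAMPLE_LEAF_DER, SHIPPED_PINS))
```

`context_is_safe` is the one-line check worth running over every TLS context a codebase builds, since the insecure form is usually a leftover from testing against a development server. This example pins the whole certificate, so every renewal changes the pin; pinning the subject public key (SPKI) instead survives renewals that keep the key, which is the usual choice for firmware that cannot be updated quickly.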
