Smart Homes & Security Risks
Gregory Grin - 2015
Swisscom Smart Living
The more we transform our life into a digital life, the more intimate information is potentially available.
But this is not a new situation. This is already the case in a “non-digital” life…
And we take measures to protect ourselves.
There is no reason not to do the same in our digital life and while using Smart Home solutions.
It looks like there is a Digital Paranoia trend nowadays.
Proposed approach while considering Smart Home solutions for your house: A Healthy Digital Paranoia
1. Physical Access
2. Wi-Fi
3. Passwords
4. Cloud vs. local
5. Connectivity within the Smart Home System
6. Interface
7. Systems with preventive measures
8. Firmware
“Please destroy all my smart home system, all my home automation & comfort, as well as all my rainy Saturday afternoons spent configuring it and making it work…”
The so-called “Hammer Invitation”
Consider locking your Ethernet sockets
Secure your Wi-Fi network
1. Don’t keep the default settings (there is a public hacker database of them)
2. Create a long, complex passphrase and do not hide it on a sticker under the router…
3. Don’t use your name, home address or other personal information in the SSID name
4. Enable the highest level of network encryption, and use a Smart Home system that supports it
5. Consider MAC address filtering
6. Potentially reduce the range of your Wi-Fi network
7. Upgrade your router firmware
8. Consider a separate home network for your smart home installation
Passwords
- Don’t keep the default settings of your Smart Home system
- Create long and complex passwords for your Smart Home devices
- Don’t use the same password everywhere
- If you are afraid of forgetting your passwords, use a password management tool
Cloud vs. local
- Consider a Smart Home system that lets you specify what you want to be in the cloud and what you want to keep local for privacy reasons
- Local / cloud duplication is also an interesting feature from a security point of view, though not only for security
- How is the communication between the cloud and the Smart Home System handled? HTTPS? With a trusted certificate? With mutual SSL authentication? With an additional level of encryption?
- Where is the cloud? Is it hosted somewhere reputable that would withstand attacks?
- Does your system provide a standalone option without internet and cloud?
Connectivity within the Smart Home System
- How do the sensors communicate with the outside or with a Smart Home Gateway?
- Is it possible to use a mix of wireless and wired connections?
- Does the system use standards (KNX, Z-Wave, DECT, …) that enforce a reasonable level of security and encryption?
Interface
- Does your system require you to change any default password at start?
- Does it allow and encourage the use of strong passwords (>=8 characters, upper case, symbols, numbers)?
- No hard-coded password is used
- How does the interface react after multiple login attempts with a wrong password? (brute force attack)
- How does automatic login work?
- Is it possible to disable features that are not being used?
- Is the web interface secured against the bugs listed in the OWASP Top Ten vulnerabilities?
- Can you modify privacy and security settings?
- Is there a privacy mode? How does it work?
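One way a gateway login could answer the first Interface questions above (forced change of the default password, the slide's strong-password rule, and a reaction to repeated wrong passwords). This is an added example, not taken from the original slides; the `GatewayLogin` class, the attempt threshold and the lockout times are assumptions.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8            # slide: ">= 8 characters"
MAX_FREE_ATTEMPTS = 3     # assumption: the 3rd consecutive failure starts a lockout
BASE_LOCK_SECONDS = 30    # assumption: first lockout, doubled on each further failure
MAX_LOCK_SECONDS = 3600   # assumption: upper bound for a single lockout


def password_problems(candidate, factory_default):
    """Return the list of policy rules that the candidate password violates."""
    problems = []
    if candidate == factory_default:
        problems.append("is the factory default")
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(c.isupper() for c in candidate):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("no number")
    if not any(c in string.punctuation for c in candidate):
        problems.append("no symbol")
    return problems


def _hash(password, salt):
    # Store a salted, slow hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class GatewayLogin:
    """Login state for one admin account on a hypothetical smart home gateway."""

    def __init__(self, factory_default):
        self.factory_default = factory_default
        self.salt = os.urandom(16)
        self.digest = _hash(factory_default, self.salt)
        self.must_change = True   # the default password has to be replaced at start
        self.failures = 0
        self.locked_until = 0

    def set_password(self, new_password):
        """Accept the new password only if it passes the policy; return its problems."""
        problems = password_problems(new_password, self.factory_default)
        if not problems:
            self.salt = os.urandom(16)
            self.digest = _hash(new_password, self.salt)
            self.must_change = False
        return problems

    def login(self, password, now):
        """Return 'ok', 'change-default', 'denied' or 'locked'; `now` is in seconds."""
        if now < self.locked_until:
            return "locked"       # guesses made during a lockout are not evaluated
        if hmac.compare_digest(_hash(password, self.salt), self.digest):
            self.failures = 0
            return "change-default" if self.must_change else "ok"
        self.failures += 1
        if self.failures >= MAX_FREE_ATTEMPTS:
            # Exponential back-off: 30 s, 60 s, 120 s, ... capped at one hour.
            exponent = self.failures - MAX_FREE_ATTEMPTS
            delay = min(BASE_LOCK_SECONDS * 2 ** exponent, MAX_LOCK_SECONDS)
            self.locked_until = now + delay
        return "denied"


if __name__ == "__main__":
    gw = GatewayLogin("admin")                 # constructed sample default
    print(gw.login("admin", now=0))            # default still active
    print(gw.set_password("password"))         # rejected, with reasons
    print(gw.set_password("Garden-Gnome-42"))  # accepted
    for t, guess in enumerate(["1234", "admin", "letmein", "Garden-Gnome-42"], 10):
        print(t, gw.login(guess, now=t))
```

The back-off slows an online brute force attack without locking the owner out forever, which a permanent lockout would turn into a denial-of-service lever.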
Systems with preventive measures
- Does your system react to jamming? How?
- Does your system react to network and Wi-Fi failure? How?
- Does your system send you notifications when it changes state?
- How does your system restart and react when there is an outage?
- Is there a fail-safe mode?
- How does the system/device react to tampering?
- Does the system require the user’s approval to enter maintenance mode?
Firmware
- Is there a simple and secure update process?
- Are firmware upgrades of the devices signed and encrypted?
- Can firmware upgrades be controlled by users?
- How does the system react to unrequested firmware upgrades?
Conclusion
- Unfortunately, it is difficult for users to secure their Smart Home themselves, as most systems do not provide a secure mode of operation
- Nonetheless, there is advice to follow that reduces the risk of attacks
Thank you!
Gregory Grin - 2015

Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 

Swisscom: Smart Homes & Security Risks

  • 1. Smart Homes & Security Risks. Gregory Grin - 2015
  • 2.
  • 4. The more we transform our life into a digital life, the more intimate information is potentially available
  • 5.
  • 6. But this is not a new situation. This is already the case in a “non-digital” life…
  • 7. And we take measures to protect ourselves
  • 8. There is no reason not to do the same in our digital life and while using Smart Home solutions
  • 9. It looks like there is a Digital Paranoia trend nowadays
  • 10. Proposed approach while considering Smart Home solutions for your house: A Healthy Digital Paranoia
  • 11. Topics covered:
      1. Physical Access
      2. Wi-Fi
      3. Passwords
      4. Cloud vs. local
      5. Connectivity within the Smart Home System
      6. Interface
      7. Systems with preventive measures
      8. Firmware
  • 12. “Please destroy all my smart home system, all my home automation & comfort, as well as all my rainy Saturday afternoons spent at configuring it and making it work…” The so-called “Hammer Invitation”
  • 13. Consider locking your Ethernet sockets
  • 14. Secure your Wi-Fi network
      1. Don’t stay with the default settings (there is a public hacker database with them)
      2. Create a long, complex password string and do not hide it on a sticker under the router…
      3. Don’t use your name, home address or other personal information in the SSID name
      4. Enable the highest level of network encryption, and use a Smart Home system that supports it
      5. Consider MAC address filtering
      6. Potentially reduce the range of your Wi-Fi network
      7. Upgrade your router firmware
      8. Consider a separate home network for your smart home installation
  • 15. Passwords
      - Don’t stay with the default settings of your Smart Home system
      - Create long and complex passwords for your Smart Home devices
      - Don’t use the same password everywhere
      - If you are afraid of forgetting your passwords, use a password management tool
  • 16. Cloud vs. local
      - Consider a Smart Home system with which you can specify what you want to be on the cloud and what you want to keep local for privacy reasons
      - Local/cloud duplication is also an interesting feature, and not only from a security point of view
      - How is the communication between the cloud and the Smart Home System handled? HTTPS? With a trusted certificate? With mutual SSL authentication? With an additional level of encryption?
      - Where is the cloud? Is it hosted in a serious place that would resist attacks?
      - Does your system provide a standalone option without internet and cloud?
  • 17. Connectivity within the Smart Home System
      - How do the sensors communicate to the outside or to a Smart Home Gateway?
      - Is it possible to use a mix of wireless and wired connections?
      - Does the system use standards (KNX, Z-Wave, DECT, …) that enforce a reasonable level of security and encryption?
  • 18. Interface
      - Does your system require you to change any default password at start?
      - Does it allow and encourage the use of strong passwords (>=8 characters, upper case, symbols, numbers)?
      - No hard-coded password is used
      - How does the interface react after multiple login attempts with a wrong password? (brute force attack)
      - How does automatic login work?
      - Is it possible to disable features that are not being used?
      - Is the web interface secured against the bugs listed in the OWASP top ten vulnerabilities?
      - Can you modify privacy and security settings?
      - Is there a privacy mode? How does it work?
  • 19. System with preventive measures
      - Does your system react to jamming? How?
      - Does your system react to network and Wi-Fi failure? How?
      - Does your system send you notifications when it changes state?
      - How does your system restart and react when there is an outage?
      - Is there a fail-safe mode?
      - How does the system/device react to tampering?
      - Does the system require the user’s approval to enter maintenance mode?
  • 20. Firmware
      - Is there a simple and secure update process?
      - Are firmware upgrades of the devices signed and encrypted?
      - Can firmware upgrades be controlled by users?
      - How does the system react to unrequested firmware upgrades?
  • 21. Conclusion
      - Unfortunately, it is difficult for users to secure their Smart Home themselves, as most systems do not provide a secure mode of operation
      - Nonetheless, there is advice to follow that reduces the risk of attacks
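
Slide 18's questions about default passwords, password strength and repeated wrong logins, written as the checks a gateway's login interface could run. This is an added example, not code from the presentation or from Swisscom; the function and class names, the failure threshold and the 30-second base lock are assumptions.

```python
import string

MIN_LENGTH = 8  # slide 18: ">=8 characters, upper case, symbols, numbers"


def password_problems(candidate, factory_default):
    """Return the slide-18 rules that a proposed password breaks."""
    problems = []
    if candidate == factory_default:
        problems.append("still the factory default")
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(c.isupper() for c in candidate):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("no number")
    if not any(c in string.punctuation for c in candidate):
        problems.append("no symbol")
    return problems


class LoginThrottle:
    """Per-account lockout whose duration doubles with each further failure."""

    def __init__(self, max_failures=5, base_lock_seconds=30):
        self.max_failures = max_failures            # assumed threshold
        self.base_lock_seconds = base_lock_seconds  # assumed first lock length
        self._state = {}  # account -> (consecutive failures, locked_until)

    def locked_for(self, account, now):
        """Seconds the account stays locked, 0 if it is open."""
        return max(0, self._state.get(account, (0, 0))[1] - now)

    def attempt(self, account, password_ok, now):
        """Record one login attempt at time `now` (seconds)."""
        failures, locked_until = self._state.get(account, (0, 0))
        if now < locked_until:
            return "locked"  # even a correct password is refused while locked
        if password_ok:
            self._state.pop(account, None)  # success resets the counter
            return "ok"
        failures += 1
        if failures >= self.max_failures:
            extra = failures - self.max_failures
            locked_until = now + self.base_lock_seconds * 2 ** extra
        self._state[account] = (failures, locked_until)
        return "denied"
```

Passing the clock in as `now` keeps the lockout logic deterministic, so the behaviour after an outage or restart (slide 19) can be exercised in a test without waiting.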