The "Internet of Things" (IoT) is a fast growing segment of all techonologies. Being able to connect to your home thermostat, remotely lock (or unlock) your front door or operate a surveillance camera in your home or office all are very intriguing. But like a lot of things - Danger Lurks!
The following article from "Krebs on Security" is fairly dense reading, but does a great job of describing many of the potential security issues surrounding the IoT. Like many issues involving Internet techologies, there are ways to do things right. Usually, they are not the easiest to implement and rarely are they inexpensive, however we caution all our clients to make sure that the fancy new gizmo that you want to add to your network doesn't inadvertantly create an enormous security hole!
Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware. Now imagine that the geek gear you bought doesn’t actually let you block this P2P communication without some serious networking expertise or hardware surgery that few users would attempt.
The FI9286P, a Foscam camera that includes P2P communication by default.
This is the nightmare “Internet of Things” (IoT) scenario for any system administrator: The IP cameras that you bought to secure your physical space suddenly turn into a vast cloud network designed to share your pictures and videos far and wide. The best part? It’s all plug-and-play, no configuration necessary!
The entire entry is at: