A connected home is really cool, until someone else starts controlling it.
Sourced through Scoop.it from: www.pcmag.com
All of your Internet of Things devices need to communicate with your home’s smart automation controller, and with each other. And nobody wants to be locked in to a single brand of devices using a proprietary communication protocol. Most of the major vendors use a protocol called ZigBee to let devices talk to each other. According to the ZigBee Alliance website, ZigBee is “the only open, global wireless standard to provide the foundation for the Internet of Things by enabling simple and smart objects to work together, improving comfort and efficiency in everyday life.” You’ll find a lot of familiar names in the ZigBee Alliance members list. Toshiba, Philips, Huawei, Sony, Siemens, Samsung, Motorola, etc… But as you’ve likely heard of the Black Hat presentation by Tobias Zillner and Sebastian Strobl of Vienna-based Cognosec. (a whitepaper on their ZigBee research.)
Good News, for Once: Many Black Hat presentations concluded by suggesting that there’s no hope, that the security flaw can’t be patched. Not so this time. The ZigBee protocol actually includes security features that would prevent the kind of attack explicated in this presentation. If the makers of ZigBee-aware products would simply make use of that available technology, smart homes would be a lot safer.