•   
  •   
  •   

Technology How to stop hackers from rickrolling your smart speaker

22:02  29 december  2017
22:02  29 december  2017 Source:   popsci.com

Mobile-app errors expose data on 180 million phones: security firm

  Mobile-app errors expose data on 180 million phones: security firm The findings highlight new threats posed by the increasing use of third-party services such as Twilio that provide mobile apps with functions like text messaging and audio calls. Developers can inadvertently introduce security vulnerabilities if they do not properly code or configure such services.“This isn't just limited to Twilio. It's a common problem across third-party services," Hardy said. "We often notice that if they make a mistake with one service, they will do so with other services as well.”Many apps use Twilio to send text messages, process phone calls and handle other services.

Vulnerabilities in smart speakers from Sonos and Bose expose three bad Wi-Fi habits well-worth breaking. While the Trend Micro team found that some 500 Bose SoundTouch speakers and up to 5,000 Sonos Play:1 and Sonos One systems were exposed to remote hijacking, the exposure could

The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds. While the Trend Micro team found that some 500 Bose SoundTouch speakers and up to 5,000 Sonos Play:1 and Sonos One systems were exposed to remote hijacking, the

a shelf with many different items on display: Sonos One © Courtesy Sonos Sonos One

The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds. The vulnerability, identified by security firm Trend Micro in a new case study, exposes user data like device names and email addresses associated with streaming-music services—just enough info to allow for targeted earworm attacks. Disturbingly, the researchers needed only basic Internet-scanning tools to ID target-able devices.

The culprit: Crappy home-network security habits.

While the Trend Micro team found that some 500 Bose SoundTouch speakers and up to 5,000 Sonos Play:1 and Sonos One systems were exposed to remote hijacking, the exposure could stretch well beyond the specific devices they scrutinized.

The TicHome Mini smart speaker is a Google Assistant you can shower with

  The TicHome Mini smart speaker is a Google Assistant you can shower with The TicHome Mini is a welcome newcomer in the world of smart speakers. It brings some excellent features that currently aren’t available on other Google Home devices, such as IPX6 splash-resistance and a built-in battery. At first glance Mobvoi’s TicHome Mini looks like a baby Roomba, or slightly less like a hockey puck than an Echo Dot. It’s also slightly larger than the Echo Dot or Google Home Mini, at over 4 inches in diameter. And it comes with an attached strap, giving it a leg up in convenience — you can hang it on the wall or dangle it from a bicycle or backpack.

Resolve to be smarter about network security in 2018.

rickrolling - your - smart - speaker -d34a2f41a3e9. By Corinne Iozzio. The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds.

For the moment, the implications of this vulnerability scarcely go beyond a funny prank, but the research should serve an important reminder to be vigilant about home network security. “It changes very quickly,” says Mark Nunnikhoven, a research director at Trend Micro, “it turns on a dime, and all of the sudden it’s not funny anymore.” The report, he continues, shines a light on significant security issues we should all keep in mind as we use more and more smart technologies in our homes.

It’s almost 2018, and we’re still reminding ourselves about the basics of securing our devices. Please, resolve to do these three things.

Don’t ignore firmware updates

We get it, software updates are annoying. They clog up your notifications and put the brakes on your uncontrollable, momentary urge to blast “Despacito” at full volume. But, more and more often, those patches contain vital security updates. “Software does have mistakes, and it needs to be regularly maintained,” says Nunnikhoven, “The small pain of updating those things will have real impact downstream.”

This phone carrier is building its own smart speaker

  This phone carrier is building its own smart speaker Republic Wireless' smart speaker appears to take a calls-first mantra.On Friday, wireless carrier Republic Wireless indicated it's taking the opposite approach, saying it plans to enter the space with a speaker that appears to be all about phone calls.

rickrolling - your - smart - speaker -d34a2f41a3e9. By Corinne Iozzio. The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds.

The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds. The vulnerability, identified by security firm Trend Micro in a new case study, exposes user data like device names and…

In this case, Trend Micro did Sonos and Bose the kindness of alerting them of their security gaps before trumpeting news of the vulnerability across the Web. That heads up gave the speaker-makers the chance to plug holes before pranksters could blast buddies with a New York Rickrollin’ Eve party mix. Sonos has subsequently pushed out an update that masked user information—the names of connected smartphones and synced streaming accounts, such as Spotify—that had been previously exposed.

Limit network chatter

It’s a simple enough concept. The more devices, hard drives, computers, and dog bowls you connect to your Wi-Fi network, the more you have to pay attention to the security settings and network access granted to each individual device. “Every device you add is a another potential attack point,” says Nunnikhoven.

Advanced users, he continues, can connect too much for their own good, allowing outside devices to remote into hard drives or servers on the network. For instance, gamers set up their own Minecraft or other servers and let other players access them. “There’s no reason to allow anything from the outside to initiate a connection into my home,” Nunnikhoven says. The only inbound network traffic, he explains, should be a direct response to a request to load a Website or song or video from a device on the network—say, a laptop or set-top box.

Apple pushes back release of HomePod speaker to 2018

  Apple pushes back release of HomePod speaker to 2018 Apple said Friday it was delaying until early next year the release of its HomePod speaker set to compete with Amazon's Alexa-powered devices and Google Home as a smart home and music hub. The delay means Apple will miss the key holiday shopping season in the fast-growing segment of connected speakers."We can't wait for people to experience HomePod, Apple's breakthrough wireless speaker for the home, but we need a little more time before it's ready for our customers," Apple said in an emailed statement."We'll start shipping in the US, UK and Australia in early 2018.

The future is now: Prank-happy hackers can apparently crack into smart speakers to cue up songs and spooky sounds. The vulnerability, identified by security firm Trend Micro in a new case study, exposes user data like device names and…

Unethical hackers are always looking for weaker points in a network system to hack the security system of your company and get a hold of confidential and new information. It is always a good idea to follow hacking forums as you will be able to pick up on all the latest methods being used.

Right out of the box, most routers are setup to block any inbound requests. But anyone with a little know-how (ya know, just enough to not know better), can dig into the settings and change that.

If you’re dead-set on sharing files, opt instead for a free or low-cost cloud service like Dropbox or Google Drive. “What hope do you have of running your own Dropbox and running it securely?” jokes Nunnikhoven.

Use a guest network

Thanks to bundled modem-and-router packages from ISPs, we collectively have better Wi-Fi network hygiene than in the past. The setups come with passwords already in place (though we should be better about resetting them, if we’re honest).

Still, giving out our network password “left, right, and center” is a habit we’d all do well to break, advises Nunnikhoven. Handing over the keys gives guests access to every object on the network—bulbs, speakers, thermostats, and so on.

Most, if not all, new routers allow you to set up a secondary guest network. This walls off Jenny-come-latelys, giving access to an Internet connection without compromising your printers and smart washing machines. Plus, if you spot someone on the guest network who shouldn’t be there, cycling over to a new password won’t send your entire connected household into disarray.

Apple confirms HomePod may leave unsightly marks on wood .
The white rings should go away after several days, the company said. The company's new internet-connected speaker and virtual assistant could leave marks behind "when placed on some wooden surfaces," Apple confirmed on Wednesday.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!