Security Researchers Find Several Bugs In Nest Security Cameras (vice.com) 6
An anonymous reader quotes a report from Motherboard: Hackers could have logged into your Nest Cam IQ Indoor and watch whatever was happening in your home by taking advantage of a vulnerability found by security researchers. The hackers could have also prevented you from using the camera, or use access to it to break into your home network. Researchers Lilith Wyatt and Claudio Bozzato of Cisco Talos discovered the vulnerabilities and disclosed them publicly on August 19. The two found eight vulnerabilities that are based in the Nest implementation of the Weave protocol. The Weave protocol is designed specifically for communications among Internet of Things or IoT devices.
Nest has provided a firmware update that the company says will fix the vulnerabilities. The vulnerabilities apply to version 4620002 of the Nest Cam IQ indoor device. You can check the version of your camera on the Nest app. Nest says that the updates will happen automatically if your camera is connected to the internet. "We've fixed the disclosed bugs and started rolling them out to all Nest Camera IQs," Google said in a statement to ZDNet. "The devices will update automatically so there's no action required from users."
Nest has provided a firmware update that the company says will fix the vulnerabilities. The vulnerabilities apply to version 4620002 of the Nest Cam IQ indoor device. You can check the version of your camera on the Nest app. Nest says that the updates will happen automatically if your camera is connected to the internet. "We've fixed the disclosed bugs and started rolling them out to all Nest Camera IQs," Google said in a statement to ZDNet. "The devices will update automatically so there's no action required from users."
Regression (Score:2)
At least you didn't have to deal with security patches with telescreens.
Maybe they really were doubleplusgood.
Cloak and dagger is out of style (Score:5, Insightful)
It's no longer necessary for persons interested in placing you under surveillance to place listening devices and cameras inside your residence or business... the incessant need to belong to the internet of things invites you to do the grunt work for them.
Seriously - Who the hell would trust Nest after... (Score:3)
Bugs in my nest? (Score:3)
LMAO -- how long until the Canary O daze arrive? (Score:1)
The more the merrier (Score:4, Interesting)
>"Hackers could have logged into your Nest Cam IQ Indoor and watch whatever was happening in your home"
Oh, just like the Nest employees can. And any agency with a warrant can. I fail to understand why anyone who understands the technolgy would want a third party involved with any device that can monitor your life in your own home.
If you think this is limited to Nest, think again. If you think some "privacy disclaimer" is going to prevent rogue employees, hackers, and 3 letter agencies from accessing your new "cloud based/connected" camera solution, think again. Good luck on finding a solution completely under your own control nowadays.
How many people do you want joining you in your kitchen/bathroom/bedroom/living room/whatever?