Smart home can be a huge security risk

Absrtact: If, not as soon as possible to reverse the entire industrial chain to the safety of the knowledge, smart home and even the internet may be a huge hidden dangers. This is not alarmism thrillers listen. April 4, 2014, I have an exchange with Kang Xiaoning Vice president of technology, the following is a dialogue

If, not as soon as possible to reverse the entire industrial chain to the safety of the knowledge, smart home and even the internet may be a huge hidden dangers.

This is not alarmism thrillers listen.

April 4, 2014, I have an exchange with the Kang Xiaoning Vice president of technology, the following is a dialogue to organize:

Talk to the main: Recently, the National Internet Emergency Center also issued a circular that the domestic number of wireless router manufacturers have a backdoor, hackers can directly control wireless routing. What do you think of the matter?

Kang Xiaoning: There may be several levels of security problems from routers:

First, encryption means, there are several different levels of wireless encryption, in addition to WPA2, others have been able to quickly break the realization method;

Second, the user's security awareness, because even if the WPA2 encryption, hackers can be guessed by the dictionary, but many users of the password settings is very simple, natural one was cracked;

Third, the traditional routers in the design, it is not fully considered security issues, in the management interface and other aspects of the security is very weak, this also has a greater impact.

The last one is the possibility of the manufacturers to set aside the backdoor, but at this point, the big manufacturers will not take the risk of self-destruction.

Of course, most of the current routers have switched to more secure encryption and more secure management settings.

As far as we are concerned, the first is to adopt a more secure security management mechanism design, the second is the IDs (core intrusion detection system) attached to the router, as long as the detection of someone to come in, even in the attack in the timely alarm, and take the initiative to kick him out.

The main: Recently, the internet has been circulating a joke, tell a hacker how to crack the network of routers, to step by step to crack the neighbor's account number, password, all kinds of information, and even to monitor the neighbors, which makes us feel like nothing safe.

Kang Xiaoning: Strictly speaking, the following attacks and the security of the router is not the same thing. If the hacker entered the user's network, the following attack mode is fixed, the user all the information must go through its sniff, nature can do what to do.

In this sense, many public WiFi is not safe now, because other people can easily access the network and launch attacks. So we are preparing to use the mobile client to secure the public wireless, and keep you connected Wi-Fi safe.

Talk to the main: If the router is unsafe, what risks can it bring?

Kang Xiaoning: In the past, we all said that if the network is not safe, your worst possibility is that the information in the computer is taken away and the computer is destroyed. And now, because our life is highly information-based, from computers, mobile phones to home, cars, wearable and other links, are always linked online, if the security problems, the danger will be much higher than the past.

And the biggest problem is that, in these respects, our attention is far from enough.

For example, this time, I and smart home manufacturers have a lot of contact, the results I am very surprised.

First, the manufacturers themselves to do the agreement, the use of technology is not the same, from WiFi, Bluetooth, ZigBee and even infrared, their own closed system, the future is difficult to interconnect interoperability, operational problem;

The second is that manufacturers have very little knowledge of safety, either completely without consideration for safety or know how to do it safely. Many smart home systems and products, at first glance design seems to be very safe, but a careful look but the loopholes, which makes us very worried.

For example, once there was a manufacturer introducing intelligent light bulbs, can network to carry out the switch, but its communication key is written dead, as long as the hacker cracked to get the address, do not need to invade into the local area network, you can remotely control it; and because it's written dead, so unless the user changes a light bulb, There is no way to do anything to stop hackers from acting again.

Similar to wearable equipment, at a hacker conference this year, it was demonstrated that through wireless interference, the pacemaker failed.

It can be said that in the future, as long as the existence of computer logic equipment, and network connections, are likely to be attacked, and now the trend is a high combination of hardware and software, if the hardware security system or after the creation can not be changed, it is more dangerous.

Therefore, our safety concept must jump out of the past computer and mobile phone, must have a higher overall security thinking, otherwise, smart home once the scale of promotion, it is possible to have disastrous consequences.

Talk to the Lord: To solve this problem, what are the most critical jobs?

Kang Xiaoning: 1, regardless of intelligent home, wearable, smart car or more fields, must have adequate safety awareness, prepare ahead of time, and try to leave the room to upgrade, perfect.

2, in this process, must attach great importance to the role of Network Center.

Routers have two features, one is 24 hours online, the second is that it will become the future of smart home central controller.

There was a network of things before the manufacturers feel that I do the product directly by the people on the line, later found that smart home is actually spanning two domains: The home is a trusting domain, and the Internet is an open domain, a need for convenience, a need for security, if there is no router to do this door, smart devices will either inconvenient, or unsafe.

Talk about the main: Now the router configuration and function, seems not enough?

Kang Xiaoning: There are historical reasons. Until a few years ago, the router configuration is very low, basically unbearable, because at that time everyone to computer Internet-oriented, the computer has a relatively strong security protection system, the importance of the security of the router is not big.

But in the smartphone market after the outbreak, router hardware level began to soar, this is a software hardware process. It can be said that the future smart home, wearable market after the rise of smart routers, hardware and software performance and functional configuration, but also be pushed upward rapid development.

Talk to the Lord: So now we see that a lot of big companies are announcing smart routes.

Kang Xiaoning: Router looks simple, but the actual technical threshold is not low, coupled with the supply chain, quality management and other hardware requirements, it can be said that the vast majority of small manufacturers are in fact already in the future competition out, large companies can do it, there are still uncertainties.

For example, now many chip manufacturers to provide the original scheme, are not safe, there are loopholes, and can have experience, have the strength to find and solve these problems are not many companies.