Hewlett-Packard

Hewlett-Packard revealed Tuesday shocking results of a security testing study which showed that owners of Internet-connected home security systems contain significant vulnerabilities, including password security, encryption and authentication issues.

Home security systems, such as video cameras and motion detectors, have gained popularity as they have joined the booming Internet of Things (IoT) market and have grown in convenience. The new HP study reveals how ill-equipped the market is from a security standpoint for the magnitude of growth expected around IoT.

According to Gartner, 4.9 billion connected things will be in use in 2015, and will reach 25 billion by 2020.

All systems that included their cloud-based web interfaces and mobile interfaces failed to require passwords of sufficient complexity and length with most only requiring a six character alphanumeric password. All systems also lacked the ability to lock out accounts after a certain number of failed attempts.

All cloud-based web interfaces tested exhibited security concerns enabling a potential attacker to gain account access through account harvesting which uses three application flaws; account enumeration, weak password policy and lack of account lockout. Similarly five of the ten systems tested exhibited account harvesting concerns with their mobile application interface exposing consumers to similar risks.

All systems collected some form of personal information such as name, address, date of birth, phone number and even credit card numbers. Exposure of this personal information is of concern given the account harvesting issues across all systems. It is also worth noting that the use of video is a key feature of many home security systems with viewing available via mobile applications and cloud-based web interfaces. The privacy of video images from inside the home becomes an added concern.

While all systems implemented transport encryption such as SSL/TLS, many of the cloud connections remain vulnerable to attacks such as the POODLE attack. The importance of properly configured transport encryption is critical as security is a primary function of these systems.

Manufacturers are offering connected security systems that deliver remote monitoring capabilities. The network connectivity and access necessary for remote monitoring presents new security concerns that did not exist for the previous generation of systems that have no internet connectivity.

The HP study questions whether connected security devices actually make our homes safer or put them at more risk by providing easier electronic access via insecure IoT products. HP leveraged HP Fortify on Demand to assess 10 home security IoT devices along with their cloud and mobile application components, uncovering that none of the systems required the use of a strong password and 100 percent of the systems failed to offer two-factor authentication.

See more here:
HP discovers security threats that underline Internet of Things systems

In a recent study, every connected home security system tested by HP contained significant vulnerabilities, including but not limited to password security, encryption, and authentication issues.

HP's Fortify on Demand security service assessed the top 10 home security devices such as video cameras and motion detectors along with their cloud and mobile application components. It uncovered vulnerabilities in all of them. None of the systems required the use of a strong password, for example, and 100 per cent of the systems failed to offer two-factor authentication.

Connected home security systems are part of the booming Internet of Things (IoT) market, and vendors are understandably keen to carve out a slice of the action with fast time-to-market, rather than data security, at the forefront of their thinking.

Manufacturers are under pressure to release security systems that deliver remote monitoring capabilities. Ironically, however, the network connectivity and access that are necessary for remote monitoring mean the security risks associated with such systems are significantly greater than those associated with older, disconnected systems.

All systems that HP tested, including cloud-based web interfaces and mobile interfaces, failed to require passwords of sufficient length and complexity, with most only requiring a six-character alphanumeric password. All the systems also lacked the ability to lock out accounts after a certain number of failed login attempts, leaving the door open to brute force attacks.

All accessed systems collected some form of personal information, such as names, addresses, dates of birth, phone numbers, and even credit card numbers. Thats bad, because account-harvesting issues were pervasive across all systems tested.

Gartner forecasts that 4.9 billion connected things will be in use in 2015, up 30 per cent from 2014, and the figure will reach 25 billion by 2020.

The new HP study highlights how ill-equipped the market is delivering secure products, re-emphasising an observation weve heard from several security firms over recent months: The lessons learnt in the client-server, mobile, and cloud technology markets are not being applied when it comes to the IoT, including such devices as connected home security systems and smart meters.

Default passwords and poor crypto are the order of the day, laying the groundwork for a more expensive security retrofit down the line.

HPs Home Security Systems report tested 10 of the most commonly used home security IoT devices for vulnerabilities using a combination of manual testing and automated tools. Devices and their components were assessed based on the OWASP Internet of Things Top 10 and the specific vulnerabilities associated with each top 10 category.

Read more here:
Internet of Thieves: All that shiny home security gear is crap, warns HP

"Smart" Internet-connected home security systems are meant to protect consumers from intruders but the top devices don't require even the bare minimum for password protection that we expect for our email and other web services, according to a new study from HP.

HP bought 10 home-monitoring devices like video cameras and alarm systems and tested them to see how easy they are to hack, Jason Schmitt, the vice president and general manager of HP's enterprise security products team, told NBC News. All 10 of the devices had "significant vulnerabilities" in the security of the device itself, HP said.

HP which declined to name the products it tested said the most basic of those security holes involved poor password practices. Some devices didn't require strong passwords, while all 10 of the products tested failed to lock the account after a certain number of failed password attempts. "These are things that a lot of web companies have perfected, but when you move to a different [space] that doesn't specialize in web security those practices just kind of drift away," Schmitt said.

First published February 10 2015, 5:17 AM

Excerpt from:
Smart Home Security Devices Fail Password Basics: HP

#primesecurity AGILITY3
primesecurity Agility 3 offers a new concept in home security systems, giving you total control at all times. A state-of-the-art wireless alarm system that offers you the best in home...

By: Prime Security Installations Ltd

See the rest here:
#primesecurity AGILITY3 - Video

Arlo Smart Home Security Camera HD Night-vision Unboxing 2-4-15
Arlo Smart Home Security Camera HD and Night-vision Unboxing. By Chris Rauschnot http://twitter.com/24k I am a Netgear Ambassador and have received this prod...

By: SEOMarketing

Originally posted here:
Arlo Smart Home Security Camera HD & Night-vision Unboxing 2-4-15 - Video

Home Alarm Systems Reviews -- List of the best home security systems
http://www.HomeAlarmSystemsRatings.com offers top quality consumer reviews on the best home alarm and security systems in the industry, They are ranked on the basis of: - Equipment, Features...

By: Home Alarm Systems Ratings

See the original post:
Home Alarm Systems Reviews -- List of the best home security systems - Video

Films have long been imagining the home of the future. Back to the Future II famously showed McFly's house being controlled by voice recognition technology. It had dust-repellent paper, food re-hydrators and a flying fruit bowl. But in reality, the home of the future will be much more pragmatic it will be developed with practical aspects in mind such as security, energy savings and, above all, home healthcare. Each will have two things in common: they must be secure and easy to use.

Our homes are not just a roof over our heads. With the innovative technologies now available, we don't live our lives in the same way and our homes are evolving with us. Our games consoles, televisions and smart meters are already providing us with entertainment in our living rooms and making things in our everyday lives more convenient. The digital revolution has opened the home up to the outside world, including the hospital.

The connected home is pivotal to the future of healthcare. 2014 was a year of connected health devices, with gadgets being unveiled that can remotely connect a patient's hearing aid to a TV via Bluetooth; a video game being released for remote rehabilitation; and sensors being developed that, once ingested, can predict the chances of becoming ill.

It's not just technology that's pushing this innovation though. Improving quality of care alongside managing costs is the biggest challenge the NHS is facing at the moment, especially with a 20 billion savings target to meet. Although work is underway on a number of initiatives, and healthcare organisations are pioneering digital treatments such as remote stroke diagnosis, the responsibility largely falls on community healthcare professionals to provide treatment.

This pressure on digital innovation in the healthcare sector is also being felt across the pond, as it was recently suggested that remote care could halve the average annual medical expenditure of $14,000 (around 9,200) that it currently costs to treat a person with diabetes in the US.

The connected home, however, will really open up the future of healthcare. As technology evolves and consumers become more comfortable with the Internet of Things (IoT), our homes will become the base for most of our medical needs. Visiting the doctor's surgery for a check-up will become a thing of the past.

It will be possible to link devices dedicated to patient healthcare to the entire medical team, the GP and hospital staff. At the same time, remote consultations can take place over videoconferencing, which can provide a vital lifeline for those in remote locations or unable to get to hospital on their own. There is even speculation about the possibility of a 24/7 digital healthcare assistant. This digitalisation of healthcare will increase convenience and generate huge cost and resource savings.

The good news is that the foundations are already in place, with 77% of UK homes being connected to the internet either through ADSL, cable, fibre optic or satellite. And the general public is also welcoming healthcare into their homes. According to a survey by Intel, 84% of the 12,000 patients sampled were willing to share personal healthcare information to lower costs to the system, and 72% were willing to see a doctor by videoconference for a non-urgent appointment.

But our homes are our castles and security is imperative to the success of the connected home, especially when it concerns our health. With more internet enabled devices, there are more doors open to potential security and privacy breaches. Keeping patient records out of the wrong hands is going to be one of the biggest challenges of digital health. A data breach may result in the confidential medical information of thousands being leaked into the public domain. There's still plenty of public concern about sharing even anonymised health data.

For home healthcare to be a success, it's essential that the security of transmissions, the authentication of devices and users, as well as the traceability of transactions, are taken into account and that the public has confidence in them.

Excerpt from:
Industry voice: The future home hospital: why security and ease of use are paramount

Cocoon Smart Home Security System
Cocoon Smart Home Security System Cocoon Is A Smart Home Security Device That Uses Infrasonic Sound To Detect An Intruder There #39;s currently no shortage of #39;s...

By: OnlineShoppingGuide

Go here to read the rest:
Cocoon Smart Home Security System - Video

cctv camera in hyderabad- CALL - 8978446177
Our Technology - DISCOVERY SECURITY CARE No.1 CCTV Cameras in hyderabad,with one year warranty We are providing excellent services to our customers Networked Closed Circuit ...

By: Mansoor Ahmed

Follow this link:
cctv camera in hyderabad- CALL - 8978446177 - Video

Netgear #39;s Arlo nails versatile DIY home security
This indoor- and outdoor-rated camera two-pack makes good on its connected claims.

By: CNET

Continued here:
Netgear's Arlo nails versatile DIY home security - Video