Wednesday, January 20, 2016

Nest Thermostats Have Been Leaking Users’ Home Locations Over WiFi

(elnina)
The Nest thermostat is a popular smart device that supposedly helps users to save money on heating and cooling, and also have a cool-looking round electronic device on their walls. Yet two researchers at Princeton University pointed out a problem that should terrify most Nest users: their thermostats have been broadcasting their location, unencrypted, over WiFi.

That means any person walking or driving by with the right equipment would be able to intercept that information. Arguably, someone physically close enough to your home to intercept a WiFi signal already knows where you’re located and what the local ZIP code is, but that information isn’t supposed to be broadcasted unencrypted. However, it’s frightening that this has been going on and no one was aware of it.

The researchers were testing a variety of smart devices for information leaks and vulnerabilities, but didn’t say whether they contacted any other companies about their products.

Nest, which was acquired by Google in 2014 and is now part of their Alphabet umbrella company, fixed the bug that was causing the data leak. The question is, though, when will the next bug come? For Nest, the last problematic bug was reported less than a week ago, when users learned the hard way that a software problem had drained the devices’ batteries, turning off the heat. That’s not a problem if you’re home to charge the device, but is a huge problem if you’re not home.

nest Learning Thermostat Rating [Consumer Reports]


by Laura Northrup via Consumerist

No comments:

Post a Comment