That vulnerability was fixed by Fiat Chrysler America after a 1.4 million-vehicle recall, but Cobb said it was inevitable that more security issues will come to the fore as more devices are connected to the Internet.
Abhay Raman, a cyber security expert at EY, said some companies cut corners on security in order to make things cheaper for the customer and make it easier for different devices to communicate.“Designing specifically for various security levels gets more complicated, more involved, with more testing,” he said.
“Programmers take the easy route in enabling as many features as you can.”Companies, especially those bringing new technology to the market, should offer their customers a privacy nutrition label, Raman said, listing what their device or app does, what it’s accessing and why it needs to do so.“We’re going to learn these things as we evolve, but I think it’s incumbent on the vendors to provide enough information to help the user make a decision,” he said.
All available for anyone to watch via the unsecured webcams overhead. Shodan, a search engine that indexes computers and devices rather than information, now allows users to pull screenshots from nanny cams, security cameras and other connected devices around the world that don’t ask for a username or password.Those screenshots are connected to an IP address, a unique identifier for each Internet connection or device that can be traced back to a general geographic area.Larger companies such as Microsoft, Apple and Facebook have worked to build privacy features such as two-factor authentication into their offerings, he said, yet the bottom line is still a driver for some companies to skimp on security.Stephen Cobb, a senior researcher at IT security company ESET, said public awareness of security and privacy of connected devices jumped after the well-publicized hack of a Jeep Cherokee in 2015 in which two security researchers demonstrated they could remotely control the vehicle.
Emails sent to Shodan’s general inbox requesting comment were not answered.
Cavoukian is among those spurring the development of the privacy-by-design approach, urging software companies and manufacturers to build privacy protections into their products from the get-go.