We have all bought products we thought were steals but ended up being scrap. Especially with Black Friday right in front of us, it’s important to remember what’s at stake when your ‘great deal’ has an internet connection.
A team of security researchers have found that particular brands of routers available for purchase online through Walmart and Amazon have some very concerning vulnerabilities. These include a ‘back door’ that can allow a bad actor to gain access to the device, where they can use undocumented features to report what else is on your network (and it wouldn’t report any Windows 7 devices, right?). These are not what we would expect to see from a vendor that takes the security of their customers seriously.
With remote work becoming a standard, it’s critical that the devices we deploy to protect and connect our home networks continuously earn our trust. This means using reputable brands that provide regular security updates. Philips Hue is a premium brand of smart bulbs, and famously had to patch a vulnerability that NIST considered a 7.9 out of 10. For comparison, a Webex vulnerability that let someone access secure data from your browser was a 6.1. Everyone is going to have a vulnerability eventually, and Philips (eventually) addressing it is good both for their brand and their customers.
These smart devices are supposed to make our lives easier, and though it can hurt to pay a little more, peace of mind is rarely on sale.