SecureMac, Inc.

Checklist 300: Things to Consider When Smartening Your Home

October 20, 2022

On this Checklist, we dive into smart device security and privacy issues—and tell you what questions to ask in order to stay safe.

Checklist 300: Things to Consider When Smartening Your Home

It’s the 300th edition of The Checklist! This week, we’ll talk about:

  • What to ask before you buy a smart security camera
  • Why a company’s security background is so important
  • Matter matters 

Smart questions about smart devices

Home security cameras have become ubiquitous—but they also carry some serious security and privacy risks.

We recently came across a great piece by the folks at We Live Security called “8 questions to ask yourself before getting a home security camera.” It’s definitely worth reading in full, but here are some highlights from the actionable advice parts of the article:

  • If you’re considering a home security camera, first determine if you really need it. “They’re pretty cool” isn’t a great justification for taking on increased cyber risk! 
  • Make sure the camera vendor has a good reputation for security. Look for a history of fast security patches, good encryption and login practices, and a robust privacy policy.
  • Learn how to secure your smart device. This means knowing how to change default passwords; how to create strong, unique passwords; and how to enable 2FA when available.
  • Be aware of the signs of a camera hack. Watch for strange or unexpected camera movements or sounds; excessive data usage or poor performance; or changed passwords.

Why background matters

Roku, the smart TV people, are releasing their own line of home security cameras. They look like they’ll be far cheaper than the competition—but there are some privacy concerns to be aware of.

Roku’s smart TVs use automatic content recognition (ACR), which is software that helps smart TVs identify what you’re watching. It’s basically just data collection technology, and is used to report viewing statistics to the manufacturer or to a paying third-party company. The goal, as with app data collection, is to assist with targeted advertising

From the point of view of a smart TV manufacturer, ACR also creates an additional revenue stream. But consumers and privacy advocates are wary of the technology—especially as it has been used to collect sensitive personal information such as IP address details.

Adding to the worry over Roku cameras: The company has partnered with smart camera maker Wyze in order to manufacture some of its new products. But Wyze, unfortunately, has a problematic history of handling security vulnerabilities. As a Cult of Mac piece notes: “[Wyze] kept the lid on a flaw that rendered cameras vulnerable to hackers, not revealing it for three years.”

This isn’t to say that people shouldn’t buy Roku smart cameras. But it’s a good example of why it’s so important to do a little digging into a company’s security and privacy pedigree before making your decision!

What’s the matter with Matter?

If you’re building a smart home, you’ll probably end up buying  products from all sorts of different manufacturers. Tech companies realize this, which is why they’ve come up with a common smart device standard called Matter. As Wired explains it:

…Matter theoretically lets you buy any device and use the voice assistant or platform you prefer to control it (yes, you should be able to use different voice assistants to talk to the same product).

Sounds great—but there are some privacy concerns, as a recent piece from Consumer Reports highlighted:

You should consider the privacy protections of the ecosystem(s) you choose to use to control your Matter devices. Amazon and Google, for example, have faced criticism for logging the state changes (turning a light on or off, setting the thermostat temperature, etc.) of every smart home device connected to the Amazon Alexa and Google Home systems, even when you don’t control them from Amazon and Google devices. But Apple HomeKit is designed in such a way that device data can be accessed only from your personal Apple devices, even when stored on Apple iCloud servers.

In other words, while the interoperability provided by Matter is undeniably great from a UX standpoint, it’s important to remember that not all companies respect data privacy to the same degree. Until they do, it’s up to individual consumers to decide if they’re comfortable with a smart device manufacturer’s data handling policies—and whether or not they want to talk to that company’s smart devices at home!

Get the latest security news and deals