AuthentificationCyberCrimeFirewallSecuritySecurity ManagementVirus

Security For Google’s New Home Assistant May Get Lost On The IoT

Wayne Rash is senior correspondent for eWEEK and a writer with 30 years of experience. His career includes IT work for the US Air Force.

Follow on: Google +
Google + Linkedin Subscribe to our newsletter Write a comment

GOOGLE I/O 2016 ANALYSIS: Nobody knows what security is planned for Google Home smart assistant, but buyers need to think about security no matter Google provides

When Google announced that it was coming out with a competitor to Amazon’s Echo device at the I/O conference on Wednesday May 18, most of the discussion was about the capabilities, and whether it would be able to overcome the frustrations of other digital assistants, including Amazon’s Alexa.

At this point, most of the discussion is mere speculation because it will be months before Google’s currently nameless assistant will be in a ready-to-ship form later this year.

But what’s not being discussed is the security and privacy provisions of Google’s new device. The lack of details about privacy is ironic considering Google, of all cloud companies, routinely raises privacy flags the most. So the question then becomes, what is Google planning to do to safeguard security and privacy?

Google I/O 2016: Google Duo and Allo Smart Messaging / Android N For Businesses / Android Wear 2.0 Adds Standalone Apps Daydream VR Platform / Try our Android Quiz!

Smart home security

Google IO 2016 Sundar PichaiBoth of these issues are critical because privacy and security get very short shrift in the vast and unregulated Internet of things. The IoT is well known for its casual approach to security, because manufacturers may not go to a lot of trouble to make devices secure and because users rarely spend any time or thought to make sure their networks even minimally secure.

Two devices that have been running for a while on the IoT, routers and webcams, demonstrate just how lax security is with those devices. Go to any even moderately populated area and do a search for a WiFi hot spot and you will find dozens of unsecured WiFi routers with names like “Linksys.”

In many cases, an attempt to log in using the default user name (usually “admin”) and the default password (frequently it’s “password”) will all too often provide instant access to the device. Once into the router, you have access to that person’s network and maybe to the devices on the network.

Does it matter to your business whether your data is stored in the EU?

View Results

Loading ... Loading ...

Sensitive data

It’s even worse for other types of devices such as Webcams, which may not even be password protected and available to any would-be voyeur who happens by. Other devices that are now populating home and office networks, including smart refrigerators, smart lightbulbs and smart white boards, are often bereft of any provision for security or any means to protect the information they transmit on the network.

Imagine, if you will, that a competitor finds your unsecured smart white board that has detailed information about your sales plans, your customers and a look at future products. That information could be in their hands in a matter of seconds, but it gets even worse.

When the device on the IoT is from Google, then it’s part of an information universe that’s almost unlimited. Get into one device that’s connected to Google, and you could have a person’s entire life in your hands.

Continues on Page 2

Originally published on eWeek