NEWSWEEK.COM 19
TECHNOLOGYIs your vibrator cheating on you?
some of the more creative of these exploits
in recent months come from the lab of Alvaro
Cardenas, who challenged his students at the Uni-
versity of Texas at Dallas last year to crack a wide
array of IoT devices. Among other things, they
managed to turn on and hijack a drone and demon-
strate they could use it to attack an innocent victim,
Kamikaze-style, or to stream video and audio of a
neighbor. They hacked into a popular children’s
toy—a small, talking dinosaur networked to the
internet so it could receive updates. Then they
demonstrated they could take over the toy and use
it to insult the child, instigate inappropriate con-
versations (using the trusted voice of the toy) or
tell the child what to do. They showed they could
take control of internet-connected cameras to spy
on households. They even identified the existence
of “sensitive devices”—vibrators—sometimes used
by overseas military personnel to have remote vir-
tual relations with their partners. Not only were
they able to obtain private usage information, they
warned it was possible to impersonate a “trusted
partner” and “commit remote sexual assault.”Cardenas reported their findings to device man-
ufacturers and the CERT Coordination Center, a
federally funded non-profit R & D group that works
with business and government to improve the secu-
rity of the internet. Then he submitted a paper to
IEEE, a professional association for electronic engi-
neering and electrical engineering, which published
their findings in a special issue this fall.
“These attacks show how IoT technologies are
challenging our cultural assumptions about secu-
rity and privacy and will hopefully motivate more
emphasis on the security and privacy practices of
IoT developers and designers,” they wrote. (After
the paper was published, all the manufacturers
responded and attempted to fix the vulnerabilities,
except for the drone companies).“The problem at the moment is that there’s really
no incentive for security. SECURITY usually gets in the
back burner of these products.”