Are you itching for an internet fridge? Hankering for a smart washing machine? Thirsting for an IoT-enabled thermostat?
Well, think twice before you make a potentially costly mistake when deciding what appliance you will be next be purchasing for your home.
A new report from consumer agency Which? warns that so-called “smart” appliances like internet fridges can be left in the cold when it come to security updates.
According to a survey conducted by Which?, 69% of respondents expect a “smart” appliance to last as long, if not longer, than non-connected equivalents.
However, essential security updates could run out years before your the expected end of a product’s lifetime.
According to Which?, household dishwashers and washing machines typically last 10 years. Fridge-freezers and tumble driers are typically 11 years old before needing to be replaced.
However, “smart” internet-connected devices aren’t just hardware. A key component of the appliances is the software that adds the functionality to connect remotely or send commands via a smartphone app.
As the agency warns, “Unsupported products can provide a way in for hackers to steal your data, so it’s important that your protection doesn’t stop before your appliance packs in for good.”
Which? approached appliance manufacturers Beko, BSH (Bosch, Neff and Siemens), Hoover/Candy, LG, Miele, Samsung and Whirlpool Group (Hotpoint, Indesit and Whirlpool), noting that none of them had published how long consumers could expect to receive updates for their products.
When asked, Samsung said it would provide a minimum two years’ worth of updates, while Beko said the maximum length of time it would push out updates would be 10 years.
Most, however, only said vaguely that updates would be provided the for “the life of the product,” but would not give a definite answer.
The one exception? Miele, which promised 10 years of security updates for its internet-connected products.
The problem is clear. Household appliance manufacturers are not promising to deliver security updates for the length of time that typical purchasers expect to own those products – despite the additional expense of buying a smart appliance.
More clarity from manufacturers is definitely required.
Even before you raise the spectre of manufacturers withdrawing software support or turning off their servers and disabling features for “smart” appliances, security updates are an essential part of the fight against online crime.
With attacks like the notorious Mirai botnet, exploiting the internet of insecure things, hackers have demonstrated just how powerful an IoT-powered internet attack can be.
The more poorly-secured appliances there are left lurking unpatched in a corner of the kitchen, the more devices malicious hackers will be able to hijack in future for ever more devastating attacks.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024