{"video_id":"SvFyd8DpRkw","title":"Your Smart Home Is Stupid - IoT Security Explained","channel":"Techquickie","show":"Techquickie","published_at":"2023-05-05T14:58:16Z","duration_s":334,"segments":[{"start_s":0.08,"end_s":6.0,"text":"your smart home is actually stupid and i don't mean that","speaker":null,"is_sponsor":0},{"start_s":3.679,"end_s":9.76,"text":"your smart fridge is pointless well it is but what i'm talking about are the","speaker":null,"is_sponsor":0},{"start_s":8.0,"end_s":14.08,"text":"now ubiquitous smart gadgets in your house that aren't smart enough to","speaker":null,"is_sponsor":0},{"start_s":11.92,"end_s":18.24,"text":"protect themselves or the rest of your network they're like the tech equivalent","speaker":null,"is_sponsor":0},{"start_s":15.759,"end_s":22.88,"text":"of dodo birds small iot products like lights thermostats and cameras can be","speaker":null,"is_sponsor":0},{"start_s":20.4,"end_s":26.08,"text":"easy vectors for hackers to put malware on your home network or steal your","speaker":null,"is_sponsor":0},{"start_s":24.96,"end_s":30.48,"text":"information and attacks like that can put anyone who","speaker":null,"is_sponsor":0},{"start_s":28.48,"end_s":36.88,"text":"connects to your network at risk in 2016 the mirai worm famously created","speaker":null,"is_sponsor":0},{"start_s":33.92,"end_s":42.559,"text":"an iot botnet so massive that it took down amazon twitter reddit paypal and","speaker":null,"is_sponsor":0},{"start_s":39.68,"end_s":47.12,"text":"netflix by unleashing a ddos attack on these sites dns provider but what","speaker":null,"is_sponsor":0},{"start_s":44.8,"end_s":52.559,"text":"exactly makes iot devices such attractive targets for attackers for one","speaker":null,"is_sponsor":0},{"start_s":49.6,"end_s":57.84,"text":"thing smart gadgets are often a lot less complicated than computers tablets or","speaker":null,"is_sponsor":0},{"start_s":55.12,"end_s":61.039,"text":"phones which is just as much of a selling point for bad actors as it is","speaker":null,"is_sponsor":0},{"start_s":59.76,"end_s":64.879,"text":"for your parents the latter kind of products have both","speaker":null,"is_sponsor":0},{"start_s":62.8,"end_s":69.119,"text":"stored and handled sensitive personal data for a long time so the engineers","speaker":null,"is_sponsor":0},{"start_s":67.52,"end_s":73.84,"text":"who design hardware and software for them make security a priority you can","speaker":null,"is_sponsor":0},{"start_s":71.76,"end_s":78.96,"text":"find everything from advanced encryption to dedicated security chips on a wide","speaker":null,"is_sponsor":0},{"start_s":76.08,"end_s":84.24,"text":"variety of phones and pcs these days but iot devices often miss out on all this","speaker":null,"is_sponsor":0},{"start_s":81.92,"end_s":88.799,"text":"fancy protection this is because the smart gadgets in your home only do a","speaker":null,"is_sponsor":0},{"start_s":86.32,"end_s":93.68,"text":"very limited range of things a smart plug might do nothing but turn a light","speaker":null,"is_sponsor":0},{"start_s":91.119,"end_s":98.64,"text":"on or off a smart garage door only opens and closes and a smart fridge will only","speaker":null,"is_sponsor":0},{"start_s":96.32,"end_s":101.439,"text":"screech at you to buy another overpriced water filter","speaker":null,"is_sponsor":0},{"start_s":99.84,"end_s":105.92,"text":"these things require very little processing power so iot devices usually","speaker":null,"is_sponsor":0},{"start_s":104.24,"end_s":112.079,"text":"aren't equipped with the latest and greatest cpus or socs and as such are","speaker":null,"is_sponsor":0},{"start_s":109.6,"end_s":116.64,"text":"limited in their security capabilities instead they might be operating on a","speaker":null,"is_sponsor":0},{"start_s":114.0,"end_s":120.799,"text":"design that's either many years old or produced to be as cheap as possible i","speaker":null,"is_sponsor":0},{"start_s":118.96,"end_s":125.92,"text":"mean no one would ever buy a smart toaster if it ran on a 400 core i7 even","speaker":null,"is_sponsor":0},{"start_s":124.479,"end_s":131.76,"text":"though that would definitely make your toast taste better but underpowered","speaker":null,"is_sponsor":0},{"start_s":129.039,"end_s":135.76,"text":"hardware is far from the only reason iot devices are easy to hack we'll tell you","speaker":null,"is_sponsor":0},{"start_s":133.92,"end_s":140.0,"text":"about the others right after we thank xsplit for sponsoring this video xsplit","speaker":null,"is_sponsor":1},{"start_s":138.4,"end_s":144.879,"text":"is a trusted live streaming and recording software designed for gaming","speaker":null,"is_sponsor":1},{"start_s":142.16,"end_s":148.8,"text":"presentations and live events it offers useful features like xsplit broadcaster","speaker":null,"is_sponsor":1},{"start_s":147.2,"end_s":152.56,"text":"an all-in-one streaming and recording solution designed for content creation","speaker":null,"is_sponsor":1},{"start_s":150.959,"end_s":157.04,"text":"connect webcam which turns your smartphone into a webcam presenter which","speaker":null,"is_sponsor":1},{"start_s":155.2,"end_s":161.68,"text":"lets you add personality flair and interactivity to presentations capture","speaker":null,"is_sponsor":1},{"start_s":159.68,"end_s":166.239,"text":"which lets you capture images and record your screen so you can add annotations a","speaker":null,"is_sponsor":1},{"start_s":163.68,"end_s":171.84,"text":"voiceover and share a link in seconds and vcam a fantastic virtual background","speaker":null,"is_sponsor":1},{"start_s":169.12,"end_s":175.36,"text":"tool for webcams use code Linus at the link below and save 10","speaker":null,"is_sponsor":1},{"start_s":173.92,"end_s":181.44,"text":"right now even if the hardware inside your favorite smart lock isn't particularly","speaker":null,"is_sponsor":1},{"start_s":178.64,"end_s":186.48,"text":"low end or outdated the fact that there isn't one standard for how iot gadgets","speaker":null,"is_sponsor":0},{"start_s":184.4,"end_s":190.72,"text":"are designed and built presents other security challenges there are different","speaker":null,"is_sponsor":0},{"start_s":188.959,"end_s":197.2,"text":"protocols smart devices use to communicate such as wi-fi z-wave zigbee","speaker":null,"is_sponsor":0},{"start_s":194.72,"end_s":201.68,"text":"and bluetooth meaning there isn't an upon set of practices to secure the","speaker":null,"is_sponsor":0},{"start_s":199.44,"end_s":204.159,"text":"incredibly broad range of iot devices out there","speaker":null,"is_sponsor":0},{"start_s":202.72,"end_s":208.56,"text":"all of these protocols have different vulnerabilities not to mention that","speaker":null,"is_sponsor":0},{"start_s":206.0,"end_s":213.04,"text":"these products usually have many highly specialized components from lots of","speaker":null,"is_sponsor":0},{"start_s":210.72,"end_s":218.72,"text":"different suppliers making it difficult to coordinate a security strategy and","speaker":null,"is_sponsor":0},{"start_s":215.28,"end_s":220.56,"text":"close as many attack vectors as possible","speaker":null,"is_sponsor":0},{"start_s":218.72,"end_s":223.92,"text":"then you have the fact that the device specific software simply isn't up to","speaker":null,"is_sponsor":0},{"start_s":222.959,"end_s":228.959,"text":"scratch one common weak point is the use of","speaker":null,"is_sponsor":0},{"start_s":226.08,"end_s":232.319,"text":"hard-coded passwords these are default passwords built into the device of","speaker":null,"is_sponsor":0},{"start_s":230.48,"end_s":237.04,"text":"software that cannot be changed by the user and are not chosen at random","speaker":null,"is_sponsor":0},{"start_s":235.2,"end_s":241.76,"text":"although this makes it easier to access settings it significantly increases the","speaker":null,"is_sponsor":0},{"start_s":239.36,"end_s":245.68,"text":"chances that an attacker could guess or uncover the password and force their way","speaker":null,"is_sponsor":0},{"start_s":243.599,"end_s":250.72,"text":"into your network even though you spent all evening coming up with the absolute","speaker":null,"is_sponsor":0},{"start_s":247.599,"end_s":250.72,"text":"masterpiece that is","speaker":null,"is_sponsor":0},{"start_s":252.519,"end_s":259.359,"text":"unh4cka8l3-6969 of course nice even without an obvious backdoor like a","speaker":null,"is_sponsor":0},{"start_s":256.959,"end_s":263.759,"text":"hard-coded password software for iot devices is often rushed out in order to","speaker":null,"is_sponsor":0},{"start_s":261.759,"end_s":267.68,"text":"keep costs down or meet a release deadline or it can be configured out of","speaker":null,"is_sponsor":0},{"start_s":265.919,"end_s":272.0,"text":"the box with minimal security to make setup easier this means that even if a","speaker":null,"is_sponsor":0},{"start_s":270.16,"end_s":276.479,"text":"product is shipped out without glaring defects in code simply setting it up","speaker":null,"is_sponsor":0},{"start_s":274.479,"end_s":281.36,"text":"with the manufacturer's default settings can introduce a big security hole for a","speaker":null,"is_sponsor":0},{"start_s":279.68,"end_s":286.16,"text":"home bottom line research your stuff before you buy it","speaker":null,"is_sponsor":0},{"start_s":284.08,"end_s":291.28,"text":"tweak the settings to plug obvious security holes and put iot devices on a","speaker":null,"is_sponsor":0},{"start_s":289.199,"end_s":295.84,"text":"separate network if you can one simple way to do this is to put iot","speaker":null,"is_sponsor":0},{"start_s":293.52,"end_s":299.759,"text":"on 2.4 gigahertz network and more sensitive devices on a 5 gigahertz","speaker":null,"is_sponsor":0},{"start_s":297.759,"end_s":304.479,"text":"network though there are ways you can split up your network even more securely","speaker":null,"is_sponsor":0},{"start_s":302.32,"end_s":307.919,"text":"look many businesses do what they can but with so many people working from","speaker":null,"is_sponsor":0},{"start_s":306.32,"end_s":311.84,"text":"home and remotely connecting to a company network it wouldn't be","speaker":null,"is_sponsor":0},{"start_s":309.6,"end_s":315.759,"text":"surprising to see some multi-million dollar trade secret gets stolen by a","speaker":null,"is_sponsor":0},{"start_s":314.16,"end_s":322.0,"text":"hacker who made it through the work laptop of some middle manager who bought","speaker":null,"is_sponsor":0},{"start_s":318.88,"end_s":323.68,"text":"a 10 wi-fi enabled egg cart","speaker":null,"is_sponsor":0},{"start_s":322.0,"end_s":326.56,"text":"was it worth it harold can i call you harry so thanks for","speaker":null,"is_sponsor":0},{"start_s":325.44,"end_s":330.24,"text":"watching guys if you liked this video hit like hit subscribe and hit us up in","speaker":null,"is_sponsor":0},{"start_s":328.56,"end_s":334.96,"text":"the comments section with your suggestion for topics that we should","speaker":null,"is_sponsor":0},{"start_s":332.08,"end_s":334.96,"text":"cover in the future","speaker":null,"is_sponsor":0}],"full_text":"your smart home is actually stupid and i don't mean that your smart fridge is pointless well it is but what i'm talking about are the now ubiquitous smart gadgets in your house that aren't smart enough to protect themselves or the rest of your network they're like the tech equivalent of dodo birds small iot products like lights thermostats and cameras can be easy vectors for hackers to put malware on your home network or steal your information and attacks like that can put anyone who connects to your network at risk in 2016 the mirai worm famously created an iot botnet so massive that it took down amazon twitter reddit paypal and netflix by unleashing a ddos attack on these sites dns provider but what exactly makes iot devices such attractive targets for attackers for one thing smart gadgets are often a lot less complicated than computers tablets or phones which is just as much of a selling point for bad actors as it is for your parents the latter kind of products have both stored and handled sensitive personal data for a long time so the engineers who design hardware and software for them make security a priority you can find everything from advanced encryption to dedicated security chips on a wide variety of phones and pcs these days but iot devices often miss out on all this fancy protection this is because the smart gadgets in your home only do a very limited range of things a smart plug might do nothing but turn a light on or off a smart garage door only opens and closes and a smart fridge will only screech at you to buy another overpriced water filter these things require very little processing power so iot devices usually aren't equipped with the latest and greatest cpus or socs and as such are limited in their security capabilities instead they might be operating on a design that's either many years old or produced to be as cheap as possible i mean no one would ever buy a smart toaster if it ran on a 400 core i7 even though that would definitely make your toast taste better but underpowered hardware is far from the only reason iot devices are easy to hack we'll tell you about the others right after we thank xsplit for sponsoring this video xsplit is a trusted live streaming and recording software designed for gaming presentations and live events it offers useful features like xsplit broadcaster an all-in-one streaming and recording solution designed for content creation connect webcam which turns your smartphone into a webcam presenter which lets you add personality flair and interactivity to presentations capture which lets you capture images and record your screen so you can add annotations a voiceover and share a link in seconds and vcam a fantastic virtual background tool for webcams use code Linus at the link below and save 10 right now even if the hardware inside your favorite smart lock isn't particularly low end or outdated the fact that there isn't one standard for how iot gadgets are designed and built presents other security challenges there are different protocols smart devices use to communicate such as wi-fi z-wave zigbee and bluetooth meaning there isn't an upon set of practices to secure the incredibly broad range of iot devices out there all of these protocols have different vulnerabilities not to mention that these products usually have many highly specialized components from lots of different suppliers making it difficult to coordinate a security strategy and close as many attack vectors as possible then you have the fact that the device specific software simply isn't up to scratch one common weak point is the use of hard-coded passwords these are default passwords built into the device of software that cannot be changed by the user and are not chosen at random although this makes it easier to access settings it significantly increases the chances that an attacker could guess or uncover the password and force their way into your network even though you spent all evening coming up with the absolute masterpiece that is unh4cka8l3-6969 of course nice even without an obvious backdoor like a hard-coded password software for iot devices is often rushed out in order to keep costs down or meet a release deadline or it can be configured out of the box with minimal security to make setup easier this means that even if a product is shipped out without glaring defects in code simply setting it up with the manufacturer's default settings can introduce a big security hole for a home bottom line research your stuff before you buy it tweak the settings to plug obvious security holes and put iot devices on a separate network if you can one simple way to do this is to put iot on 2.4 gigahertz network and more sensitive devices on a 5 gigahertz network though there are ways you can split up your network even more securely look many businesses do what they can but with so many people working from home and remotely connecting to a company network it wouldn't be surprising to see some multi-million dollar trade secret gets stolen by a hacker who made it through the work laptop of some middle manager who bought a 10 wi-fi enabled egg cart was it worth it harold can i call you harry so thanks for watching guys if you liked this video hit like hit subscribe and hit us up in the comments section with your suggestion for topics that we should cover in the future"}