As smart devices have become more and more popular in Canadian homes, a group of researchers at Princeton University have developed a new tool to protect users’ privacy from these devices.
The Princeton IoT Inspector is an open-source tool that you can download to find out what information your smart home is collecting about you. The Inspector has been designed to locate Internet of Things (IoT) devices and monitor their network activity.
Through the tool, users can find out who is accessing the information, how many bytes of data is transferred per second and how often information is exchanged.
It works through ARP-spoofing, which is a way that network traffic can be redirected. The software “monitors network activities for all IoT devices connected to the home network,” the researchers stated on their website.
How smart are Canadian homes?
Statistics estimate there is about 18 percent of households in Canada that use smart devices. That number is expected to grow to 34 percent over the next four years.
The most common smart home products for Canadians include thermostats, light bulbs and plugs, according to one study. Nearly 70 percent of the smart devices bought are thermostats, 40 percent are light bulbs and 30 percent are plugs.
There is also an interest among Canadian homes for more connected security devices, such as cameras, motion sensors, and smoke or carbon dioxide detectors. Yet, just 20 percent of those surveyed indicated a concern about privacy or security.
Security risks and the Internet of Things
A large part of the concern with smart home devices has come from reports that the companies offering these services also track what is being said and done with the device. For example, Amazon has a team of employees who listen to voice recordings from Alexa devices. Their job is to transcribe the recording and to use it to help the device become better at responding to users.
It has even become a political issue as lawmakers in California have proposed an Anti-Eavesdropping Bill that would limit how these tech companies collect and keep voice recordings.
In their work, the Princeton researchers discovered that a Chromecast device was regularly connecting with servers at Google even if it was not being used. In addition, they found a Geeni smart bulb was in constant contact with the cloud via a URL run by a Chinese-based IoT company.
One privacy advocate said that user protection was one of the main issues with smart devices.
“The smart home assistants are increasingly integrating with additional services and it’s going to be critical that they help ensure any partners are operating with confidentiality,” Jules Polonetsky, chief executive officer of the Future of Privacy Forum told CBC News.
Stay secure in your smart home
The team at Princeton has been focusing on the Internet connection because that is usually where the vulnerabilities lay. As part of their research, they have built a smart home on campus where they perform a variety of tests to discover what information is being gathered by IoT devices and who is doing the gathering.
If you do have a device that is sending information in a way you don’t want there are solutions, according to the researchers.
They note on their website that you can connect the device to a separate network. You can also buy home routers that can analyze network traffic and warn you about possible security issues. However, these routers are often expensive.
Inspector can work with Windows, Linux and Mac systems, but is not equipped to monitor smartphones or tablets.
One of the catches of using the tool is that it will also collect and transfer information back to the research team so they can further study smart home devices. However, the tool does give users the option to erase any data that is collected.
There is no special hardware needed to get the Inspector to work. It has the capability to track up to 50 smart home devices on a single network and can even monitor the devices to see if there is any hacking happening.