You must Register or Sign in to your Cyware account to perform this action
×Once you are logged in, you will be able to:
Customize your feeds by selecting categories you like
Comment on or Like an article
Receive the latest security stories, trends, and insights in your inbox
Build your profile and login across multiple devices
Bookmark a story and read it later
- Home
- Hacker News
- Internet-of-Things
- IoT devices send user data to third-parties including Netflix, Microsoft, and Google

IoT devices send user data to third-parties including Netflix, Microsoft, and Google
IoT devices send user data to third-parties including Netflix, Microsoft, and Google- September 20, 2019
- |
- Internet-of-Things
/https://cystory-images.s3.amazonaws.com/shutterstock_562645696.jpg)
- 56 % of the US IoT devices and 83.8 % of the UK devices are exposing information to third-parties.
- The most common data shared by IoT devices to third-parties include location data and IP addresses.
What was the study about?
Researchers from Northeastern University and Imperial College London have examined 81 Internet of Things (IoT) devices in the US and UK, including TVs, smart home hubs, smart speakers, doorbells, and appliances.
The researchers analyzed Smart TVs from popular vendors such as Samsung, LG, Phillips, etc as well as streaming devices such as Apple TV, Amazon's FireTV and Roku.
What did they find?
The analysis revealed that 71 out of 81 devices send user information to third parties including Netflix, Spotify, Microsoft, Akamai, and Google.
- 56 % of the US IoT devices and 83.8 % of the UK devices are exposing information to third-parties.
- The most common data shared by IoT devices to third-parties include location data and IP addresses.
- Almost all the smart TVs included in the study were found to share user data with Netflix.
- Almost all IoT devices expose information to network eavesdroppers via at least one plaintext flow.
- User and device behavior including user interactions with television sets and other household IoT products can be easily inferred by an eavesdropper via the traffic from at least 30 IoT devices.
- Video doorbells send video recordings to its service provider based on movement sensors.
“We analyzed both unencrypted and encrypted content in this section. First, we found very limited sensitive or personal information exposed in plaintext—a welcome observation given the sensitivity of data potentially exposed by such devices. Second, we found that even when devices use encryption, the timing patterns of their network traffic permits reliable identification of the interactions that caused the network traffic. Put another way, an eavesdropper can reliably learn a user’s interactions with a device across a wide range of categories, opening the potential for profiling and other
privacy-invasive techniques,” researchers said in a paper titled ‘Information Exposure From Consumer IoT Devices’.
- + Aware
Get such articles in your inbox
News
-
Previous News Sensitive Data Including Source Code and Credentials Belonging to Scotiabank Exposed via Github Repositories
- September 20, 2019
- |
- Breaches and Incidents
-
Next News Ava R-I School District hit with ransomware attack
- September 20, 2019
- |
- Breaches and Incidents
Popular News
Related News
-
Finland introduces cybersecurity label for ‘safe’ IoT products
- November 27, 2019
- |
- Internet-of-Things
Categories
Get such articles in your inbox
News
-
Previous News Sensitive Data Including Source Code and Credentials Belonging to Scotiabank Exposed via Github Repositories
- September 20, 2019
- |
- Breaches and Incidents
-
Next News Ava R-I School District hit with ransomware attack
- September 20, 2019
- |
- Breaches and Incidents
Popular News
Related News
-
Finland introduces cybersecurity label for ‘safe’ IoT products
- November 27, 2019
- |
- Internet-of-Things
Categories
