Consumers are being bombarded by the Internet of Things (IoT) -- everyday embedded devices and appliances in your home that connect to the Internet. Those same devices are quickly becoming the targets of security researchers looking to show the dangers of such connectivity and the ill effects on owners' privacy. Last week at Black Hat USA 2014 in Las Vegas, the Nest Learning Thermostat was the latest IoT device to come under fire by University of Central Florida researchers Grant Hernandez and Yier Jin, and independent researcher Daniel Buentello.
The three researchers demonstrated the ease with which a Nest thermostat can be compromised if an attacker has physical access to the device. In less than 15 seconds, an attacker can remove the Nest from its mount, plug in a micro USB cable, and backdoor the device without the owner knowing anything has changed. The compromised Nest can then be used to spy on its owner, attack other devices on the network, steal wireless network credentials, and more.
[Read the rest of the article at Dark Reading.]