For you:
A recent 60 minutes segment has brought considerable attention to the ability for a ‘man in the middle’ to intercept voice conversations to or from mobile devices. This is due to a weakness in core telephone network technology. It appears that only preventative measure is to encrypt the voice calls in a manner that authenticates the devices at both ends of the call. Products like those from Open Whisper Systems and Silent Circle address these concerns. We wrote briefly about Signal (developed by the former) in our recent iPhone encryption article. Mobile to landline conversations are not addressed by these products.
For the world:
A thorough academic analysis of Samsung’s SmartThings home networking system has been undertaken by researchers at the University of Michigan. https://iotsecurity.eecs.umich.edu
Alarms have been sounded in the popular tech press.
The bottom line is that IOT security depends on proper implementation of core security principles, some of which are not evident to the manufacturers, third party developers and/or the users. IOT = Caveat Emptor.
About the author
Paul is a founding partner at ARV and writes on technology, security and associated best practices for lawyers and their clients