Monday, 25 January, 2016
  • Science
  • Nest Thermostat Found To Have Leaked Zip Codes

Nest Thermostat Found To Have Leaked Zip Codes

Image Nest Image Nest
Emely Stone | 23 January, 2016, 03:04

This particular leak of zip codes of the local weather stations might not be all that serious since no personal information were leaked, but it does showcase the challenges involved in ensuring that information remains as secure as possible, with more and more folks plugging in additional smart devices in and around the home. 

"You have a hardware that is incapable, and information that's always being sent to the cloud", Grover said.

The researchers also studied several other smart devices, including the Sharx security camera, a PixStar smart photoframe, and Samsung's SmartThings Hub. The team found that a few gadgets that were checked sent out information in the open. 

"In fact, the weather information is provided by an online weather service, and the geolocation coordinates are for their remote weather stations, not our customers' homes". When setting up the Nest thermostat, users are required to enter a zip code.

However Nest is playing down the leak, saying that the only information revealed was the location of the local weather stations.

Nest thermostat
Image Nest

Researchers at Princeton University have found that, until recently, Alphabet's popular Nest thermostat was leaking the zip code and location of its users over the internet. On the whole, CITP researchers say that "many devices" don't encrypt "at least some" of the details that they transmit over the internet, but encryption may not be enough.

Researchers found that Nest thermostats were leaking zip codes over the Web. The IoT company reportedly quickly patched the flaw when it was notified.

Most popular IoT devices, including Google's Nest Thermostat, have security vulnerabilities, Princeton researchers found. There is, however, some hope in the unified platform that both Apple and Mountain View Internet giant provide for the IoT, which would help standardize communication and security. This data were transmitted unencrypted, or in the clear, meaning that anyone sniffing traffic could have intercepted it, according to the researchers.

At a presentation at the Federal Trade Commission (FTC) PrivacyCon conference, Grover warned that IoT devices can leak sensitive information, including whether device owners are at home and the activities of the device owners.

Nishikori and Goffin advance at Australian Open
On the women's side of the draw, fifth seed Maria Sharapova flexed her muscle in a three set win against the USA's Lauren Davis. No. 15 David Goffin beat No. 19 Dominic Thiem 6-1, 3-6, 7-6 (2), 7-5 - his first win against a top-20 player at a Grand Slam.

Recommended

Trending Now

Could Daredevil Be Recast In Avengers: Infinity War?

Konta continues progress at Australian Open

Moody's reviews debt ratings for 120 companies

Trump and Sanders hold big leads in Iowa polls

Clinton campaigns with pop star Demi Lovato in Iowa

Here's how to get a free Microsoft Surface Pro power cord replacement

Overkill's The Walking Dead game delayed to 2017

Bernie Sanders says voter turnout is key to early voting states

Clinton faces challenge in Iowa caucus reminiscent of 2008

Tottenham boss fancies Wembley as temporary stadium

Dont Miss

United Kingdom lawmakers slam Trump, but most oppose banning him

2 killed in Greyhound bus crash in Calif.

Rubio Attends Fundraiser in MN, Eyes Super Tuesday States

Businesses nervous on possible New Mexico REAL ID stalemate

GM Ignition Switch Trial Ends Abruptly Amid Claims Of Fraud

Police Arrested Palestinian Who Killed Israeli Woman

Broncos healthy for AFC championship against Pats

Flock of sheep bring police chase to a safe end

Panthers build 31-0 lead, hold on to beat Seahawks 31-24

Egypt condemns attack on AU base in Somalia

Guidolin appointed as Swansea head coach

Apple hires big-name VR researcher