By Tom Simonite, Technology Review
Home automation systems and networking equipment vulnerable to a major encryption flaw are unlikely to be fixed. Network-connected hardware can provide a backdoor into corporate or home networks, where valuable information is shared freely. A security bug uncovered this week affects an estimated two-thirds of websites and has Internet users scrambling to understand the problem and update their online passwords. But many systems vulnerable to the flaw are out of public view and are unlikely to get fixed. OpenSSL, in which the bug, known as Heartbleed, was found, is widely used in software that connects devices in homes, offices, and industrial settings to the Internet. The Heartbleed flaw could live on for years in devices like networking hardware, home automation systems, and even critical industrial-control systems, because they are infrequently updated.
Share on Facebook