Apple’s HomeKit Security vs. IoT Botnets – There’s Only So Much Apple Can Do


The recent botnet attacks have called into question the security of all our various Internet of Things (IoT) devices, and rightfully so. Those attacks happened because people like you and me had routers, webcams and other gizmos in our homes that were not properly secured. Some of those security issues are fixable by general users, but many are not.

The majority of the devices that were involved in the DDoS attack on Dyn, for example, were compromised using a security hole that came from one of the devices’ chipset vendors. This was something that most users wouldn’t be able to change even if they knew to try.

We Have a Problem. Is HomeKit the Solution?

A lot of discussion has centered around solving this problem going forward. Indeed, the botnet that attacked Dyn is still very much alive, functional and, in many ways, unstoppable. One of the regular chimes I hear in our Apple-centric universe is, “HomeKit is secure, it must be the answer.”

HomeKit is secure. The transmissions between your iPhone and HomeKit-enabled devices are encrypted using some of the best security that exists. Problem is, HomeKit might not be the only way to access those devices. Indeed, it’s rare that a Wi-Fi-based smart home device is built to use only HomeKit. Most devices support HomeKit amongst a sea of other access options, often including a self-branded application or web service from the device manufacturer.

HomeKit is the most secure of any of the methods we’ve seen, which therefore means all these other methods are less secure and potentially easier to hack. In addition to that, there are the aforementioned security holes that can exist in the devices’ chipsets themselves, having nothing to do with the stated purpose of the device.

Plugging the holes

An obvious question, then, is why don’t device manufacturers plug all these holes? The good news is that many do. In researching this article, we spoke with quite a few smart home device manufacturers, and all of them responsibly spend time closing off all access to their devices before meticulously opening only those ports and services that are required for proper operation. That still leaves an access target, but it limits it to something the device manufacturer is aware of and hopefully can control.

The important thing to note, though, is that HomeKit’s device specification and certification process does not require manufacturers to perform any security beyond that which relates to HomeKit access. You could theoretically have a HomeKit-enabled device that contains one or more non-HomeKit security holes. Thankfully we haven’t found one yet, but it is most certainly possible. Even in that case, though, the HomeKit transmissions and data would still be secure, and even a hacked device wouldn’t allow access to your iPhone or any of its data. HomeKit keeps all that contained.

What Can I Do To Protect My Devices?

The other thing you can do is to secure your home network. Router manufacturers are in a unique spot to help detect and even prevent these kinds of attacks but, until they’re up to speed with this, you need to do the work yourself.

Consider disabling UPnP or NAT-PMP on your router and using manual port forwarding instead. UPnP and NAT-PMP allow your devices to automatically request that certain ports be forwarded to them, and can often be the source of unintentional (or intentional) security holes. By manually forwarding the requested ports you’re in a position to prevent unnecessary external access to your devices in the event some malware makes its way onto one of them in the future.

Additionally, choose devices from known, trusted vendors and ask them about each device you plan to use. Check with us, too. We’re regularly testing these things and we talk about this kind of security on Mac Geek Gab all the time. Check online to see what others say. The bottom line is: do your research, and know that we’re here to help.

8 Comment threads
Stacy Michal

I agreed with Rick. I wasn’t aware of NAT firewall before, but I read an article on PureVPN’s blog, then I realized how important it is.

Rick Allen

I think that one of the main issues with routers is the education curve on how to configure one properly. Port Forwarding / NAT and the other concepts involved are beyond most users I think. I see most people just plug in their wifi router and very few I have dealt with ever knew that these things were even configurable, or how to do it. I think that by default these options should be off from the manufacturer. It would force people to maybe understand a bit of what is actually going on. Dave, I love both articles that you…

Scott B in DC

“Those attacks happened because people like you and me had routers, webcams and other gizmos in our homes that were not properly secured. Some of those security issues are fixable by general users, but many are not.” I have a novel idea… why not blame the industry for not making it easier to configure routers and other items without having to have earned a degree in computer science? We have home thermostats to keep our homes a certain temperature, we do not need to know about HVAC to operate them. We drive cars that, forgetting the current state of bad…

Doug Petrosky

I listened to the discussion on Mac Observer on this and couldn’t stop yelling at the phone as if it would help, because you are making assumptions you don’t know. 1) All HomeKit devices have to be sent to Apple for “approval” and you assume Apple only tests the device for HomeKit and not general security. This may be true but it would be odd for Apple to spend so much time hardening HomeKit and then approving a device that left SSH open to a default password. 2) The fact that much of the data coming from many of the devices…

flo_muc

Full disclosure: I’m an employee of Elgato Systems in Munich… Dave, you may want to note that Bluetooth HomeKit accessories like the Elgato Eve range of products are probably the most secure on the IoT market. All Eve accessories only implement HomeKit (HAP) and exclusively use Bluetooth. Remote access to those is provided solely through a so-called Home Hub, either Apple TV or an iPad running iOS 10 or later. So the only reasonable way to compromise Bluetooth-only accessories would be to hack Apple TV or an iOS device – both not too likely. In addition to other huge advantages,…