Paul Marrapese, who disclosed the flaws, has yet to hear back from any of the vendors involved and is calling on consumers to throw away their devices.
Apparently, the flaws he identified could enable an attacker to hijack the devices and spy on their owners.
Speaking to Threadpost, in a podcast interview, he explained that he disclosed the flaws to the vendors involved in April due to their severity. The lack of response is certainly worrying as it suggests that the issue of security is either being ignored or simply not being addressed and points to a dire outlook when it comes to security, vendor responsibility, and the IoT market in general, according to Marrapese.
With security an industry wide issue the lack of any type of response or action to his disclosure is a real concern. Are companies simply not concerned? Are they unwilling to properly test their products, to even architect their products to ensure they’re secure?
Probably the biggest worry is it that despite being told of the vulnerabilities, they simply haven’t responded.
These technologies are extremely invasive which means that once one has been hacked, then a whole network is vulnerable.
It appears that too many lazy vendors are adding to security worries, when it comes to the world of the connected device.