If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward their possible security implications. Some of the risks discussed in this series may be over the top and even comical while others may highlight realistic problems you may not have considered.
Looking at a WIFI Microscope kit
In this first installment of the series, I’ll be discussing a WiFi microscope kit. There are, without exaggeration, dozens of listings for these devices on Amazon and most of them appear to be the same or very similar hardware with different brandings and varying accessories. Being the science geeks that we are, our team was quick to buy one of these devices when we saw it listed as a top-seller on Amazon’s holiday gift guide.
The microscope itself is compact with a wheel to adjust the lens and a few buttons for power, digital zoom, and to trigger image capture. It is necessary to connect a computer or smartphone to view and store images. From the quick start guide, Android and iOS devices can obtain a viewer app called “Max See” from their respective stores, macOS users can connect via USB and launch Photo Booth, but Windows users are directed to download a program for accessing the camera via USB or IP.
Reviewing the Security Implications
The question of whether additional software must be installed to utilize a device is an important question from the perspective of security. Installing software on a system generally widens the attack surface and, from a purely security perspective, should be avoided (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Craig Young. Read the original post at: https://www.tripwire.com/state-of-security/featured/hacking-christmas-gifts-putting-iot-under-the-microscope/