We’ve talked a lot about the security of smarthome devices, but when it comes down to it, the most important step to secure your smarthome gear is to secure your Wi-Fi network, plain and simple.
Recently, hacker and security advocate Jerry Gamblin was able to easily reboot his Google Home Hub from his laptop using a simple
curl command. I was able to replicate this myself using Terminal on macOS, and indeed I was able to reboot my downstairs Home Hub from my home office upstairs.
Gamblin was also able to turn off notifications, as well as even erase the Home Hub’s wireless settings, which “makes the device unusable until you manually reconfigure it using the Google Home application.” Unsurprisingly, Gamblin is “extremely disappointed” and “genuinely shocked” by the lack of security the Home Hub contains.
The catch, though, is that you have to be connected to the same Wi-Fi network as the Home Hub in order for any of this to work. So, while you don’t have complete control over the security of your smarthome devices, you at least have full control of the security of your Wi-Fi network. Make sure you’re at least using WPA2 encryption on your wireless router with a strong password so that anyone who isn’t authorized to access your Wi-Fi can’t do so.
Of course, as Gamblin notes, shared Wi-Fi networks (like at schools, dorms, businesses, etc.) are a bit more of a problem here, and someone on these networks could easily mess with a Google Home Hub down the hall.