"I hope that during the CES hoopla this week, vendors take notice of these kinds of failure conditions and apply some basic security design to address them. IoT devices tend to be designed with the happy path in mind, and often don’t consider an active adversary," Rapid7's Tod Beardsley said in a statement to CSO.
"In any home automation solution, including security products like the Xfinity line, I would expect at least some kind of logging to be happening in the event of a failure. You don’t want these radio devices alerting every time they get a hiccup on transmission, but if there’s a prolonged outage, I would expect this condition to be anticipated and handled by the vendors of these devices."
Sign up for CIO Asia eNewsletters.