Smart gadgets may pose the biggest security risk this Black Friday

Image depicting a hand on a scanner
(Image credit: Pixabay)

An investigation by Consumers’ Association has found over a thousand cheap smart gadgets replete with security and privacy issues on popular online marketplaces, in the run up to Black Friday.

Following the discovery, UK’s Which? is urging consumers to be cautious and keep an eye out for security-risk products when shopping for connected tech products.

According to the investigation, Which? found over 1,800 smart gadgets including smart doorbells, wireless cameras, smart alarms and tablets, which shipped with apps that were found to have inadequate security protections, and could leave users exposed to hackers or infringement of their data privacy.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

The products were found on popular online stores including AliExpress (1,461), eBay (288) and Amazon Marketplace (90).  

Caveat emptor

In its investigation Which? discovered 112 Android tablets on AliExpress and eBay, many of them marketed for children, that were powered by unsupported versions of the mobile operating system. In fact, some of them had not received a security update for more than seven years. 

Which? also found that just four apps, namely Aiwit, CamHi, CloudEdge and Smart Life, powered 1,727 different products. Working with cybersecurity experts from 6point6 and the NCC Group, Which? found security issues in all the apps.

Password security was one of the issues with the apps using weak defaults that could potentially allow hackers to view live footage on a smart doorbell or a wireless camera, Which? argued.

“While there are no laws currently mandating a certain level of security and privacy protection in smart products, some of the flaws Which? found would be made illegal under new legislation currently being planned by the UK government. Its Product Security and Telecommunications Infrastructure Bill is expected to be introduced to parliament in the coming months,” Which? notes.

Stay safe online with the best ID theft protection tools

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.