/ Technology

Update: could your tech be secure by design?

The government has today launched a code of practice to ensure that connected products are ‘secure by design’. Tech companies HP Inc and Centrica Hive are the first to commit.

Update 14/10/2018

The government has launched a code of practice to ensure that connected products are ‘secure by design’. Security must now be considered in the design process rather than being left as an afterthought.

We welcome the government taking a lead in tackling the growing issue of security in internet-connected products. Manufacturers of these smart devices must now show they are taking security seriously and sign up to the code to better protect consumers who use their products every day.

Read the latest news here

New safety risks

In its 60 years of existence, Which? has been a champion of consumers’ rights, given advice on products and services, and held industry and the government to account where we find problems – all to keep consumers protected.

Over the past six decades, we’ve had to adapt our testing to ensure we cover the products that have continued to change consumers’ lives. We rigorously test and provide advice that allows consumers to make a smarter decision on the product or service they’re purchasing.

The range of technology we test has grown and expanded over time, as has what is available on the market, with manufacturers continually innovating on features and design.

As technology has changed, new challenges have come to the fore and new risks to consumers’ safety have been exposed.

The security of consumer’s products is the next big issue for Which? and for the industry. Smart technology, the internet of things, and connected homes will bring benefits to consumers, but also risks. From cyber attacks and data leaks come scams and fraud, threatening people’s safety and the security of their personal information.

That’s why, in 2014, we first started investigating the security of smart products. Then, in 2015, we brought in a security-testing programme for cameras and wearables, before adding thermostats, smart hubs and more.

We’ve already spotted problems from connected toys that have no security measures, leaving children at risk, to wireless cameras that you can’t protect. We’ve also seen a connected coffee machine that wasn’t secure and allowed us to overload it during testing – a flaw that could lead to a fire.

Code of practice

At the moment, consumers have no way of knowing if a smart product isn’t secure and whether they’re protected or not. And we think that the onus and expectation to make a product secure should be on the manufacturer at the point of design and manufacture, not with the consumer as an after-thought.

Today, Digital Minister Margot James MP joined us at Which? with an invited audience from across the tech industry, manufacturers and academics to launch the government’s new code of practice for manufacturers of connected technology.

We’re supporting the government’s plan for improving the security of connected consumer technology. It’s no longer acceptable for a connected product to be put on the shelves and for it to not be secure.

We believe it’s time that manufacturers took safety and security seriously. With connected devices becoming increasingly popular, it’s vital that consumers aren’t exposed to the risk of cyber-attacks through products that are left vulnerable by manufacturers’ poor design and production.

Companies must ensure that the safety of their customers is the absolute priority when ‘smart’ products are designed.

If strong security standards aren’t already in place when these products hit the shelves, then they shouldn’t be sold.

What security standards do you expect to be in place when you buy smart products? Are you wary of buying connected tech because of the risks it poses?


This comment was removed at the request of the user

Which? seems to be setting out or endorsing some fairly aspirational ideas here.

We know that security flaws come to light all the time in devices like computers and smart phones. Those devices are sold in vast numbers, so their manufacturers can afford the teams of software engineers that are needed to roll out retrospective bug fixes for emerging security or functional flaws.

Other, less ubiquitous, “smart devices”, like smart TV’s, must be selling in much smaller numbers. We have already seen that smart TV manufacturers cannot even keep their basic functionality updated. Hence their “smart features”, such as the ability to work with BBC iPlayer, tend to fail after only two or three years. I think folk trying to keep other smart products up to date, e.g. with security patches, are likely to face similar difficulties.

Given the current “race to the bottom” for the prices of consumer goods, we also seen that manufacturers are struggling to get even simple tech right. So we have kettles that (sometimes) make foul smelling drinks and tumble dryers that (sometimes) catch fire.

When I worked in the defence industry, we knew that we could not absolutely guarantee the security of any internet connected computers, so we kept all of our most secret data on isolated, non-networked machines. Having any sort of internet connected device and expecting it to be secure, on the basis of a “right-first-time” design could rather like wanting to eat your cake and then have it.

There is a dichotomy here between the desire to advance technology and the results of doing so. The more automated and remotely controlled the household becomes, the easier it is for criminals to find a way of breaking in. The fear is that it is not simply burglary but untold damage to property when this automation malfunctions. Of course it doesn’t have to be criminals that cause this. Anyone who buys a product without understanding how it works, could well remotely damage it and perhaps cause a fire. Some items really require the owner to be present when they are in operation. I would not run a tumble drier remotely, for instance. With the skill that these criminals are able to deploy, it is hard to see any manufacturer being able to guarantee, that under all circumstances, their product will work for the owner alone. The links between products are also vulnerable. Though this technology is seen as the way forward to a new way of living, I wonder if it is driven by the manufacturers rather than a demand from the public. How many of us need to have the kettle boiling as we come through the door? How many need the fridge to place shopping orders for us? Actually setting up and controlling all these gadgets is also a problem. We need to make sure they do exactly what we want them to and technology has a way of placing limits on the way things work, so that they do them in a programmed sequence and not necessarily as we would like them to work. It is also a fact that any external attack on a network or country could disable these household products and reset them. A power cut might do the same. The more we automate things and join them together, the more we, as a country, can be paralysed. We can be now, but it can only get worse in this brave new world. I am not sanguine about the way things are shaping and you are right in the introduction to suggest that safety and security should come before any product is put on to the market for sale.

This comment was removed at the request of the user

This comment was removed at the request of the user

I don’t have any concerns over data being checked during the repair of IT equipment and any illegal material being reported to the authorities. After, all, that is how the child pornographer and child sex abuser Gary Glitter got rumbled when he took his PC in for repair and the technician discovered heaps of illicit images. Since I am not “up to no good” I have nothing to fear from the contents of my hard drive. But the problem is that an enormous amount of our innocent private information has the potential to wreck our lives in the wrong hands if it is extracted and misused.

I certainly don’t see why many home appliances need to be connected or made slaves to a controlling system. It seems like a solution looking for a problem to me and for most people just a vanity concept. It’s like smart meters and home hubs – the promoters of these products seem to be able to suggest only one or two practical uses for them, and those are of dubious value, with the rest being contrived conceits suggesting they are playthings rather than essential accessories.

Many of us have personal, financial, private information on our devices that we would not want anyone else to access. A warrant is required to search your premises; we don’t let the decorator or plumber go through your filing cabinet just in case incriminating information comes to light and can be reported.

Whilst I have nothing that is incriminating in my possession (I hope) protection of privacy should be a cornerstone of a civilised society. Information gained illegally should be inadmissible, however hard that might seem. Inevitably, though, even if the evidence cannot be used the suspicion it arouses can be followed up in legitimate ways.

In future a smart device could report its location if it is identified as having a (possible) inherent fault to make a recall system work properly. I could support that with the right safeguards.

I agree with Vynor as to why do we need so many devices operated remotely connected to a vulnerable web? It is hard to conceive of every possible way someone might accidentally or deliberately infiltrate your device and only experience might bring these things to light, however hard the manufacturers try to anticipate and avoid by design. Most of them seem to me to be adult novelties and I would avoid them. Perhaps they should all carry a “health warning” so people are aware of the risk they take, and if they don’t like them then either don’t buy them or disconnect them from the web.

I agree with malcolm r.

Just as it is impossible to make a tumble dryer that poses zero fire risk, i.e. one that can be absolutely guaranteed to never start a fire, making internet connected devices 100.000000% safe and secure will also be impossible.

In professional health and safety terms, we say something is “safe” if the risks associated with it are small (but not necessarily zero) in relation to the benefits arising from its use. Private cars are a good example of where we make trade-offs between convenience and safety. In other convos, we have already discussed the challenges involved in the design of “safe” self-driving cars and some of the potential unintended consequences of such designs.

If a code of practice – or standard – is to be produced, the above issues will need to be dealt with. From our discussion of fire safety standards for electrical appliances, we should be able to get some idea of how much work will be involved.

At one time, mobile phones could make calls and send texts, and then they involved into powerful portable computers requiring security software and periodic updates to keep them safe. With some smart devices I expect that the same will be necessary.

As technology develops we will learn the risks and take appropriate security measures. At present it is not difficult to avoid smart devices and my main concern is with cars, where we may have no choice.

This comment was removed at the request of the user

As I have said before NO technology is 100% safe ….I doubt it will be for along time because there are very clever people trying to break every new security system all the time many on behalf of governments everywhere

This comment was removed at the request of the user

…and the first operational quantum computer wil spell the death knell for encryption, so that will be fun.

Ashwin kumar says:
1 March 2019


Hi Ashwin! Welcome to the conversation!