Nest got back to us, saying that the researchers assumed incorrectly what the geo-location data was for, which actually was used for the weather station, not the user’s house: “The
authors initially made an incorrect assumption, which we pointed out to them before they presented their report, that the response to the weather update request contains exact location of the
customer’s home. In fact, the weather information is provided by an online weather service, and the geolocation coordinates are for their remote weather stations, not our customers’ homes.
The only user information that is contained in the requests is zip code. We have reached out to the researcher to make this clarification update.” A group of researchers have revealed
that the Internet of Things is probably less secure than you expect. At a talk during PrivacyCon held by the Federal Trade Commission last week, the researchers revealed that many smart
devices leak private information in cleartext — with little to no effort to encrypt that data.
Read the whole story at The Next Web »