samsung fridge

Network Security: Home(wares) Edition

If you’ve followed this blog for the past few months, hopefully you’re more aware of online security.

You use a password manager, have 2FA turned on, keep your web site current, and keep up-to-date on the latest security news.

But here’s one thing you may have missed – make sure you update your refrigerator!

Appliance Makers: Update Commitments

The Wirecutter asked several major appliance manufacturers how long they would “guarantee security updates” for their Internet-connected appliances. The answers covered quite a big range.

Of those companies asked, only GE (and its related brands) gave a firm securty commitment. They’ll provide at least 10 years of security updates with potential for longer support.

Several other companies (Samsung, Dacor, Frigidaire, Bosch) gave vague commitments such as providing updates “for the duration of the product’s life”. An appliance generally has a product life of around 10 years, but you have to decide if you’re willing to make that gamble. Especially with an item costing hundreds of dollars that you may not easily replace.

At the bottom of the list are the companies that either had no comment or did not respond. I think it’s safe to say that you shouldn’t buy Internet-connected devices from these companies (KitchenAid, Maytag, Miele, LG).

Why You (May) Need to Update Your Fridge

You may not be especially worried about someone hacking into your refrigerator or stove, but you should be.

Not only could someone cause you a minor-to-major headache (turning up your refrigerator temperature, turning on your oven when you’re gone), but having a vulnerable Internet-connected appliance is the network security equivalent of the unshielded exhaust port on the Death Star.

This one small vulnerability can open the door to your entire network. This means all devices connected to it (your computers, phones, etc.) are exposed.

So if you’re planning on getting a smart appliance, it’s important that you buy from a company that is willing (and able) to keep your appliance updated and secure from hackers.

You can read the full Wirecutter article here.