The fear of connected devices
Despite the fact that more and more users embrace connected devices such as smart bulbs, locks and sensors for doors or windows, thermostats and, mainly, smart speakers among others, it is true that there is still a lot of fear and mistrust regarding their use within the home.
In the case of smart speakers even more so, because they include microphones that are there to hear everything what we say when we ask or maybe not. Because we have already experienced controversies in which they not only listened to practically everything that was said, it is that the recordings could also be accessible to the personnel of the company that makes them.
Well, despite the fact that those problems about unauthorized eavesdropping have already been solved, it seems that there is always something new and the latest is an investigation carried out by Northeastern University and splashes directly on the Amazon Echos.
This team of researchers decided to buy several of the company’s loudspeakers on the second-hand market. When they received them they were surprised that more than 60% of them came without a factory reset. So they kept all the information and even access to services that could pose a significant problem for their previous owner.
Of course, that is a human mistake, because they did not worry about restarting or deleting the Amazon Echo, but what if we tell you that even after being respected from the factory they still kept information from the previous owner.
Well that’s what happened Data remains in the Echo’s Flash memory such as those that give access to the WiFi network, smart devices connected to the device, etc. That is, information that should not be there. But that implies that they are really insecure and should we forget about them in our day to day?
Are they really unsafe?
From the information provided by Northeastern University: at first you have to think that they are certainly not secure devices. But, secondly, when you see the process to gain access to that data, things change.
To be able to know data like the previous ones described through the Flash drive of an Amazon Echo, it is necessary desoldering the chip from the board the device and then place it in a special reader. It is not something that from home you can do in just 30 minutes with a simple USB cable.
So yes it is true that the data is there, but the risk is greatly reduced. So you still have to consider that it is not so much a risk as an opportunity to continue improving a device like these Amazon Echo through lower-level formatting processes so that everything is ready.
Surely Amazon will do something, although they have already commented that the really important data such as the user account and password or credit card is never shared, because it is not information that is on the speaker.
So, we are not going to tell you what you should do or not, surely you have criteria and reasons to make the decision you want, but we would have to think how many times we are giving all that information by ourselves (many times without being aware of it and the use they could do) and it is not through a smart speaker.
Of course, our recommendation for any type of device that you are going to sell is that you consult the product information to perform the factory reset and erase as indicated by the manufacturer. It will save you trouble.