'Internet of Things' full of vulnerabilities


A recent research report [PDF] from HP's Fortify on Demand division found that seven out of ten of the most commonly used Internet of Things consumer devices contain serious security vulnerabilities.

Fortify on Demand said that some of the vulnerabilities include insufficient or non existent authentication mechanisms with weak passwords, data and firmware/software being transmitted in the clear without encryption, as well as insecure web interfaces for the devices.

Devices were found to be vulnerable to the OpenSSL "Heartbleed" flaw but also to cross-site scripting or XSS, Fortify on Demand said.