Is Your Nest Thermostat Spying On You?

In a convenience turned catastrophe situation, it has been revealed that Google’s newly acquired Nest smart thermostats are very easily hackable, and could turn into spies.


Photo: David Berkowitz / Flickr

These shocking revelations were brought to the general attention by Daniel Buentello, an independent researcher; Yier Jin and Grant Hernandez, both of the University of Central Florida.

According to the researchers, to access the developer’s mode of Google Nest, a hacker needs to insert a USB flash drive while pushing the power button.

This mode gives information on whereabouts, which could be easily used by thieves or spies. Furthermore, the hacker can also infect other devices using this mode and create a botnet. According to Hernandez, once this mode is activated, there are a number of options to manipulate the device, such as making changes in the existing code, implanting a new code, and rebooting the device while running some other function in the background. He further added that if a hacker gets access to the topmost level, he can easily control the networking potential of Nest.

What Is Nest?

Nest Learning Thermostat is a digital device that controls the temperature in your house. But that’s not the only thing it does. It was designed by the same people who made the iPod, and thus it has a whole list of functions. It also has Wi-Fi connectivity that allows the user to change temperature remotely from devices such as PC, phone, or tablet. While the price tag of $250 isn’t light on the pocket, Nest converts any home into a smart home. It also has a third party open API.

Nest hit the headlines in June this year after finalizing a $555 million deal for Dropcam, the home security company. Dropcam boasted of a wide range of products including a camera-microphone combo for both way communications, night vision cameras with zoom and Wi-Fi capabilities, adequate cloud storage to save camera recordings of up to a month, apps for home surveillance, and more.

While Nest has made sure that its devices are complex to hack wirelessly, hacking by physical access is still not very difficult. Buentello remarked that this could be easily exploited by someone who buys a large number of devices and hacks them before selling them off to target customers.

According to Orlando Arias from Central Florida University, the problem lies with the hardware and not software.

The Backdoor of Nest

Buentello explains that while wireless communication features of Nest are well protected, the USB port hasn’t been strongly secured. Its only purpose is to manually upgrade the thermostat’s firmware if the cloud-based update throws up an unexpected error.

The product has been designed to accept only those updates which possess the legal signed cryptographic code provided by the company. However, if you hold down the power button while inserting a USB device, this security feature doesn’t work and the machine accepts any firmware.

The problem with this whole scenario is that Nest is not just a thermostat. This machine is a Linux-based computer boasting of 2 GB flash memory to go with proximity sensors and Wi-Fi enabled networking.

The Nest possesses a lot of significant information, including your Wi-Fi name and password, your postal code, your availability at home, and much more. This information can be easily transmitted to nearby Nest devices, which is a company provided feature (Zigbee mesh-networking protocol).

The device can be easily compromised to communicate with other devices rather than just communicating with the Nest cloud. With enough infected devices, the hacker can form a botnet and start spreading malware. Also, the kind of information they possess makes these devices a jackpot for burglars.

According to Buentello, it is almost impossible to find out if your Nest device has been tampered with. To make things even worse, a much bigger network of these devices can be easily infected using a single hacked device. Possessing personal information and the daily routine of the user, these devices can cause serious harm if the details are given to a spy or a thief. The group has already started releasing tools to patch the Nest device.

The founder of Nest is aware of the problem and said that the company has a well-trained hacking team that is working continuously to cover up the vulnerabilities of the device.

According to Buentello, the smarter a device is made, the less secure it turns out to be. He insisted that the companies must aim to achieve high standards when it comes to the embedded devices, rather than working on Internet of Things.