Being Hacked: Understanding Victims' Experiences of IoT Hacking

Asreen Rostami, Minna Vigren, Shahid Raza, Barry Brown

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

8 Citations (Scopus)
38 Downloads (Pure)

Abstract

From light bulbs to smart locks, IoT is increasingly embedded into our homes and lives. This opens up new vulnerabilities as IoT devices can be hacked and manipulated to cause harm or discomfort. In this paper we document users' experiences of having their IoT systems hacked through 210 self-reports from Reddit, device support forums, and Amazon review pages. These reports and the discussion around them show how uncertainty is at the heart of 'being hacked'. Hacks are sometimes difficult to detect, and users can mistake unusual IoT behaviour as evidence of a hack, yet this can still cause considerable emotional hurt and harm. In discussion, we shift from seeing hacks as technical system failings to be repaired, to seeing them as sites for care and user support. Such a shift in perspective opens a new front in designing for hacking - not just prevention but alleviating harm.

Original languageEnglish
Title of host publicationProceedings of the 18th Symposium on Usable Privacy and Security, SOUPS 2022
PublisherUSENIX - The Advanced Computing Systems Association
Publication date2022
Pages613-631
ISBN (Electronic)9781939133304
Publication statusPublished - 2022
Event18th Symposium on Usable Privacy and Security, SOUPS 2022 - Boston, United States
Duration: 7 Aug 20229 Aug 2022

Conference

Conference18th Symposium on Usable Privacy and Security, SOUPS 2022
Country/TerritoryUnited States
CityBoston
Period07/08/202209/08/2022
SponsorEthyca, Google, Meta, NSF, USENIX Association

Bibliographical note

Publisher Copyright:
© 2022 by The USENIX Association. All Rights Reserved.

Cite this