Bob Gourley contributed to Popular Science in a post titled
The smart hubs have eyes
“As miscreants learn that the pranks they can pull with this, Amazon’s going to be investing more and more into stopping these pranks, “ said Bob Gourley, co-founder of Cognitio Corp, a firm that does security consulting. “But there are going to be pranks, you can be sure of that.”
Pranks covers a wide range of activity, from a kid ordering a favorite toy over Amazon without parental permission to hackers finding their way into the device to watch live video inside a home. Gourley specifically highlights Shodan, a search engine that finds internet-of-things devices and, if they’re unsecured, lets outsiders watch video from cameras set up inside homes. Amazon has likely thought of this and included security features like requiring a voice pin before purchases that make it harder for anyone to simply gain access to all the device’s features. Still, it’s theoretically possible that a person could find a different internet-connected device, like a nanny cam with a default password, and then try to use that access to get into the Echo Show.