How Risky Are Real Users' IFTTT Applets?

Smart-home devices are becoming increasingly ubiquitous and interconnected with other devices and services, such as phones, fitness trackers, cars, and social media accounts. Built-in connections between these services are still emerging, but end-user-programming tools such as If-This-Then-That (IFTTT) have existed for almost a decade, allowing users to create rules (called applets in IFTTT) that dictate interactions between devices and services. Previous work found potential secrecy or integrity violations in many applets, but did so without examining how individual users interact with the service. In this work, we study the risks of real-world use of IFTTT by collecting and analyzing 732 applets installed by 28 participants and participants’ responses to several survey questions. We found that significantly fewer applets than previously thought pose realistic secrecy or integrity risks to the users who install them. Consistent with this finding, participants were generally not concerned about potential harms, even when these were explained to them. However, examining participants’ applets led us to identify several new types of privacy risks, which challenge some assumptions inherent in previous analyses that focus on secrecy and integrity risks. For example, we found that many applets involve monitoring incidental users: family, friends, and neighbors who may interact with someone else’s smart-home devices, possibly without realizing it. We discuss what our findings imply for automatically identifying potentially harmful applets.

Copyright is held by the author/owner. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee. USENIX Symposium on Usable Privacy and Security (SOUPS) 2020. August 9–11, 2020, Virtual Conference.
