You have purchased a brand new home security device. The package promises that thedevice will give you full control of your home, allowing you to do everything from control thelights to see who’s knocking at the door. It communicates through your home network usingsome sort of communication protocol, and perhaps even lets you set a password. Installationsimply requires pairing the device to the central Internet of Things hub in your home, like pairingyour phone to a Bluetooth speaker. All seems right in the world. But what if the very device that you purchased to secure you home were a portal forattackers to gain access. What if there were open source tools on GitHub that anyone allowedanyone with a computer to intercept the messages being passed between you and your device.What if there were a search engine as simple as Google that specifically found IP addresses ofdevices such as yours, and allowed anyone to see the video content it captured with the click of abutton. What if the personal computer security risks of the mid 1990‟s resurfaced, but on alarger, much riskier scale. What if your security device wasn‟t very secure at all?