When you own a device that controls your home in more ways than one and is privy to all your conversations, it’s understandable you would worry about what would happen if anyone was to take advantage of any weaknesses the system might have.
Hacker Jerry Gamblin went in depth with it in a blog post and a series of tweets after he has purchased the Google Home Hub for himself. According to him, it’s easy to hack into the device and gain complete remote control of the system via undocumented APIs, and he made a point out of it by sharing a short video on his Twitter account.
He claims that the device’s security is ‘beyond dismal’ and that he is “shocked by how poor the overall security of these devices are.”
Google was quick to dispute Gambin’s claims by releasing a short statement.
All Google Home devices are designed with user security and privacy top of mind and use a hardware-protected boot mechanism to ensure that only Google-authenticated code is used on the device. In addition, any communication carrying user information is authenticated and encrypted.
A recent claim about security on Google Home Hub is inaccurate. The APIs mentioned in this claim are used by mobile apps to configure the device and are only accessible when those apps and the Google Home device are on the same Wi-Fi network. Despite what’s been claimed, there is no evidence that user information is at risk.
– Google, for Android Authority
In a nutshell, Google claims that though Gambin’s security code snippets make a somewhat valid point, only the devices that are connected to the same networks as the Google Home Hub could manage the feat.
You do have to keep in mind that, if a hacker would gain access to your home network, the Home Hub and any other devices that are connected to it would be affected.
The bottom line is this: keep your devices as secure as possible and don’t take any risks.