#DigitalSkeptic: Crowdfunded Gadgets Come With Security Dangers

NEW YORK ( TheStreet) -- It took Adam Sager all of two minutes to give me a one hell of a Halloween fright.

"When it comes to the security of consumer electronics -- crowdfunded or otherwise -- some of the problems are so blatant, it's shocking," the founder of Manhattan-based security appliance maker Canary told me amid a dark and spooky phone call last week.

Sager has a darn chilling viewpoint on the trustworthiness of a new generation of socially funded electronics thrown off by crowdfunding platforms such as Kickstarter or Indiegogo. His 15-person firm has created one of the most successful crowdfunded electronics campaigns in history: Starting this past July, his $199 smart-home security device -- which provides an HD video feed and multiple sensors that capture the safety and security of a home, office or apartment -- raised a cool $1.96 million on Indiegogo.

Sager also has roughly a decade and a half of top-flight security experience, with a stint in the Israel Defense Forces and as a professional security consultant for firms such as McLean, Va.-based Booz Allen Hamilton and London-based Control Risks.

Eighteen months ago, Sager came home to his rented suburban home in New York after a 10-day vacation and had a big-city paranoid moment.

"I realized anything could have happened to my house when I was away. And I said, 'This is crazy, I am going to buy something that could solve this problem,'" he said. "But if you walk into a Target ( TGT) or an Apple ( AAPL) store and ask the manager for the home security device, they look at you with a blank stare."

Sager began scaring up an easy-to-use home security option, such as professionally installed systems from the likes of ADT ( ADT), Honeywell ( HON) or Slomin's or do-it-yourself options makers such as McLean, Va.'s FrontPoint Security, Iris Home Management System, available through Lowe's ( LOW), or Cambridge, Mass,-based SimpliSafe.

"But what you learn is, as soon as a device relies on the user to set up the security of that device properly," he explained, "the chance for that device to really be secure drops dramatically."

Once Sager saw that idiot-proofing security devices was a serious business, he quickly teamed up with a buddy from the New York tech community, Chris Rill, to develop a super-simple, multisensor security appliance. And so the Canary took flight.

I asked Sager the obvious next question: What was his professional security geek's take on the overall safety of the smart devices seeping into people's homes and offices? He didn't flinch.

"Not only for crowdfunded consumer electronics, but for all electronics, if you make a product and you leave security for that product up to the average person, you're simply not doing your duty," he said.

Cracking the crowdfunded gadget security code
What's flat-out creepy is not whether Sager is right -- of course he is. Just consider this past year's mind-boggling gadget takedowns, including the the Texas couple whose baby monitor was compromised by an unknown overseas creep or security researcher Nitesh Dhanjani, who published glaring flaws in the Belkin WeMo controller last week.

What's truly ghastly is that errors are so common that Sager can actually list the mistakes made over and over by electronics manufacturers and in the process create essentially a punchlist the attentive investor can pick up on to stay safely out of the reach of firms likely to be the next victim of the security undead.

"The first thing you want to look for is how they talk about security," he said. If an operation is not clear in its public disclosures in how it handles the information it touches, trouble is coming.

"If a business is at all hesitant about telling the story of exactly how what they do is secure," he said, "don't get involved."

The next big red flag is the use of outside security audits or contractors. "It may sound good to bring in a top-flight hacker, university or security firm to test a product," he said. "But security has to be done by the people at that company. If there's no security culture in that firm, there probably is no security in that firm's products."

Next, look at how a product transfers data. In other words, what systems does it use to interact with computers outside the home or office? That's critical when dealing with connected appliances or webcams that require modification or system updates. "If that process relies on tricky configuration, or connects to machines your manufacturer can't vouch for, there will be problems."

Next, investors should be concerned with products that try to be open as possible. "There is a tendency now for devices to want to work with every platform," he said. That kind of flexibility can make a product easy to work with, but it also makes it easy to break into.

And investors should be especially concerned about products being rushed out the door. Crowdfunding in particular puts a premium on a getting to market early. And all too often entrepreneurs push products out before the time is invested to finesse the issues of design, manufacturing and security.

"If you are crowdfunding a film, you don't have the same issues," he said. "But for hardware it's is a red flag."

Sager's final investor advice is the most sobering: The real risks ahead are essentially still not known.

"It is not impossible to make a secure connected device. But it is not easy," he said. "There is no playbook yet."

This commentary comes from an independent investor or market observer as part of TheStreet guest contributor program. The views expressed are those of the author and do not necessarily represent the views of TheStreet or its management.

More from Personal Finance

9 Best Investment Books for Beginners

9 Best Investment Books for Beginners

How to Calculate Your Net Worth and Pin Down Your Financial Health

How to Calculate Your Net Worth and Pin Down Your Financial Health

The Best States for Millennials' Money and Health

The Best States for Millennials' Money and Health

U.S. Banks Urged to Make Small Loans In Competition With Payday Lenders

U.S. Banks Urged to Make Small Loans In Competition With Payday Lenders

How to Void a Check

How to Void a Check