Once again, the Telekom Magenta SmartHome system underwent the AV-TEST certification – this year together with the all-in-one smart home application “MagentaZuhause App”. As always, the hardware and software were put through extensive testing and were checked both dynamically and statically for potential weaknesses or vulnerabilities.
Applications & hardware
This time, two different applications were analyzed for this test area: Firstly, the “Magenta SmartHome” app (for Android and iOS in the tested version 6.6.1), the classic app for using and managing the products offered in the Magenta Smart Home product portfolio. Secondly, new to the test this year was also the “MagentaZuhause App” (for Android and iOS in the tested version 1.0.0 Beta), which allows the user to combine devices from different (supported) manufacturers into a Smart Home ecosystem and to control and organize them via the app as a central interface.
For example, the Nuki Smart Lock, which we also certified, can be combined with Magenta SmartHome components and a variety of supported cameras, smart speakers and similar accessories in one system and controlled centrally via one interface.
In terms of security, our testers had little to say about either application: The implementation of security-relevant aspects, such as encrypted communication over the Internet in particular, are adequately implemented in both applications. Attacks on the connections of the applications and a possible interception or reading of transmitted information by third parties is thus practically impossible. Of course, there was room for further improvement here and there – for example, not all of the libraries supplied with the Android versions of both applications are protected by memory access protection mechanisms (such as ASLR), and the default configurations for some security settings could be further optimized for the last percent of additional security. In the practical tests, however, none of these points resulted in a real vulnerability that would result in a realistic attack scenario.
The cooperation of the apps with the hardware was also rated as secure by the testers.
For this area, we have to state that both applications, but especially the Magenta SmartHome application, have quite extensive user analysis and tracking capabilities and functionalities: Several analytics, tracking and retargeting modules are included and their activity can also be confirmed and tracked.
All in all, Magenta SmartHome and the MagentaZuhause application continue to impress us in all tested areas and will therefore receive the AV-TEST certificate “Approved Smart Home Product” for 2022.