I can. I VPN into my home and the connect to the NAS. The cameras are only allowed to talk to the NAS and any attempt for them to talk directly outside is blocked.
I have some smart lighting which I control from my phone, set up timers, automation etc. It’s all local though, I have no need to access it remotely. You can set up a VPN to access your home network remotely if you want to be secure, but I’ve got no need so it’s not worth the effort. But yeah, smart/IoT doesn’t have to mean can talk to the public internet!
Anything that needs to access the internet only has that access and to nothing else on the network. Anything that doesn’t need it only has access to the local devices it reports to.
True to some extent, but I think a lot people give these firms too much credit.
Your microwave will not send your food heating data to NSA. At best the manufacturer uses it to see how people use their appliances.
Voice guided home assistants might send sound to servers for analysis, but even then it’s just the stuff you actively sent to be used as a query. When they’re listening for activation messages “passively”, this data does not get sent outside of the device. This conception really bothers me as it really propagates an illusion that we’ve already lost and have no control.
There’s no need to covertly spy when the biggest data is given voluntarily through the TikToks, Facebooks and Twitters of the world.
It’s not that they’re actively spying, it’s just another way that an attacker could get in. You can have a highly secure network setup but if there’s a cheap IoT device with no security connected then suddenly that’s a backdoor in for a real attacker. Maybe that’s John Hackerman at the NSA, maybe it’s some script kiddie scanning for anyone running a device with a known exploit!
And that’s why IoT devices needing internet access don’t have access to other devices on the network and vice versa for devices with a local interface.
I agree with you, but I would add that they also might be doing their best to crosstrack what other products you use and how. Obviously, that’s one of the reasons why you have them quarantined in the first place. I just wanted to mention it in case a reader wants to set up a different network for each potential creepy device. I don’t.
Crosstracking is indeed a thing. Obviously it has its limits, since the other devices have to communicate back. It should be easy enough to see all devices that are on the same network though.
IoT is a popular attack vector. So proper precautions should be made. Perhaps only give them access to your guest wi-fi. Perhaps a separate network entirely.
Confirming the opposite here. Network is properly separated and locked down. IoT devices do their thing while I enjoy all the benefits.
IoT devices are still tracking and reporting on you and your family.
For me, they could be trying to report on it, but the firewall blocks them from the internet.
Why have smart home stuff if you can’t use it when you’re not home?
I can. I VPN into my home and the connect to the NAS. The cameras are only allowed to talk to the NAS and any attempt for them to talk directly outside is blocked.
Well not if the network is properly separated, that way they can’t ever access the public internet, right?
Maybe I misunderstand but the benefits of the IOT things is to access this stuff remotely, from your phone, from anywhere.
I have some smart lighting which I control from my phone, set up timers, automation etc. It’s all local though, I have no need to access it remotely. You can set up a VPN to access your home network remotely if you want to be secure, but I’ve got no need so it’s not worth the effort. But yeah, smart/IoT doesn’t have to mean can talk to the public internet!
Anything that needs to access the internet only has that access and to nothing else on the network. Anything that doesn’t need it only has access to the local devices it reports to.
True to some extent, but I think a lot people give these firms too much credit.
Your microwave will not send your food heating data to NSA. At best the manufacturer uses it to see how people use their appliances.
Voice guided home assistants might send sound to servers for analysis, but even then it’s just the stuff you actively sent to be used as a query. When they’re listening for activation messages “passively”, this data does not get sent outside of the device. This conception really bothers me as it really propagates an illusion that we’ve already lost and have no control.
There’s no need to covertly spy when the biggest data is given voluntarily through the TikToks, Facebooks and Twitters of the world.
It’s not that they’re actively spying, it’s just another way that an attacker could get in. You can have a highly secure network setup but if there’s a cheap IoT device with no security connected then suddenly that’s a backdoor in for a real attacker. Maybe that’s John Hackerman at the NSA, maybe it’s some script kiddie scanning for anyone running a device with a known exploit!
And that’s why IoT devices needing internet access don’t have access to other devices on the network and vice versa for devices with a local interface.
I agree with you, but I would add that they also might be doing their best to crosstrack what other products you use and how. Obviously, that’s one of the reasons why you have them quarantined in the first place. I just wanted to mention it in case a reader wants to set up a different network for each potential creepy device. I don’t.
Crosstracking is indeed a thing. Obviously it has its limits, since the other devices have to communicate back. It should be easy enough to see all devices that are on the same network though.
IoT is a popular attack vector. So proper precautions should be made. Perhaps only give them access to your guest wi-fi. Perhaps a separate network entirely.
Same. IOT vlan where they can’t talk to each other and can’t talk to the intranet unless the connection was established from the intranet