About 3-4 years ago I took a bit of a dive into the firmware of IoT devices. The utter lack of security and the amount of information being hoovered up to the mothership made me swear to never build anything “smart” into the renovations of my current home. Sure, there will be automation. There will be CCTV. There will be solar with battery backup for essentials. There will be conveniences of all kinds. But virtually all will be air gapped, incapable of remote rooting, and under my full control.
Hell, even my laser printers are HP models over two decades old - an HP 4050DTN and an HP 5000DTN - that are totally devoid of any DRM or “smart features” and can trivially take generic overstuffed cartridges that can do 20,000 sheets at 5% coverage.
I worked for Cisco during the time IoT was being pushed into everything. You don’t want to know how bad it is. If I was malicious I could have easily written several backdoors into their products without anyone knowing. I wrote kernel code in their IOS operating system. There are no checks on that shit and the entire switching team does next to zero peer review on kernel security.
Yes, there products that (at the time) touched upwards of 95% of all packets sent over the Internet.
The only upside to this state of things is that it keeps alive my fantasies of one day being a Watchdogs-style techno-sorcerer that can wirelessly hack anything that runs on electrons and a WiFi signal.
… Although the nightmare is that people far more evil can probably already do that.
About 3-4 years ago I took a bit of a dive into the firmware of IoT devices. The utter lack of security and the amount of information being hoovered up to the mothership made me swear to never build anything “smart” into the renovations of my current home. Sure, there will be automation. There will be CCTV. There will be solar with battery backup for essentials. There will be conveniences of all kinds. But virtually all will be air gapped, incapable of remote rooting, and under my full control.
Hell, even my laser printers are HP models over two decades old - an HP 4050DTN and an HP 5000DTN - that are totally devoid of any DRM or “smart features” and can trivially take generic overstuffed cartridges that can do 20,000 sheets at 5% coverage.
ZigBee and Z-wave create their own network not connected to the internet, pair that with Home Assistant 🇪🇺 and done, sane smart home implementation.
Remember, the “s” in IoT stands for “security”.
And the ‘p’ for privacy.
I worked for Cisco during the time IoT was being pushed into everything. You don’t want to know how bad it is. If I was malicious I could have easily written several backdoors into their products without anyone knowing. I wrote kernel code in their IOS operating system. There are no checks on that shit and the entire switching team does next to zero peer review on kernel security.
Yes, there products that (at the time) touched upwards of 95% of all packets sent over the Internet.
The only upside to this state of things is that it keeps alive my fantasies of one day being a Watchdogs-style techno-sorcerer that can wirelessly hack anything that runs on electrons and a WiFi signal.
… Although the nightmare is that people far more evil can probably already do that.