Why "smart home" so easily translates into "unsafe home"

Skybird · 02-09-17, 11:56 AM

Textbook exmaples for my reason why I am not tech-hostile to technology, but allergic and very critical of the totally uncritical attitude many careless people today take on it.

http://www.pcworld.com/article/31187...t-def-con.html

http://ns.umich.edu/new/multimedia/v...popular-system

Do we really need smart refirgerators, smart light bulbs, smart key locks, and all that stupid smart stuff? I say it does nothing for my well-beeing or comfort. Its just plain stupid in most cases. And it can even lead to the loss of own skill.

Everything you own sooner or later owns you.

And regarding "safe home": most important is not to have cameras, electronic number locks and alarm syswtems, but barriers of high mechanical robustness. By far most home-invading crime is not done by technical subtelty, but by use of robust physical force. Burglars, if they are competent, run a time table, and will leave after some minutes anyway,within a safe limit, because they know how long the police takes to reach a reported alarm location. They will be masked and do not care whether they get filmed or not. Alarm systems and cameras should be the two lowest points on your list of security measurements if you want to secure your home and have no actively patrolling security service guarding your perimeter. Physically robust barriers are the important items on top of your list.

Rockin Robbins · 02-18-17, 12:39 PM

The mass American denial of service attack at the time of the elections was based on a botnet made not of computers, but refrigerators, microwaves, washing machines, clothes driers, door locking systems, IP cameras, routers, and the rest of the Internet of Things because those devices are so poorly programmed.

Gargamel · 02-19-17, 02:06 AM

A "simple" solution (ignoring the obvious of better IoT device programming) is to have a stand alone firewall between your home and the net.

While very easy to install and run in theory, it's a little complicated for the average user. A lot of routers already have this capability, and it's very easy to build a firewall box yourself.

But when you install your smart lightbulb, you'd have to access the permission settings in your firewall (router or box), and set the incoming and outgoing permissions to only sites that device needs to operate, blocking all others. As most people don't know how to change the name or password on their wifi, having the end user do this is not really feasible.

There would have to be a standard devised to allow new devices to register with a standardized network firewall, and set those permissions automatically.

ikalugin · 02-19-17, 05:37 AM

The most simple solution is to airgap and maintain discipline (ie do not plug in USB drives into your airgaped home network).

If you must update something, you can always do that like twice a year using secure means.

Gargamel · 02-19-17, 09:27 AM

Quote:

Originally Posted by ikalugin

The most simple solution is to airgap and maintain discipline (ie do not plug in USB drives into your airgaped home network).

If you must update something, you can always do that like twice a year using secure means.

The problem with airgapping IoT things, is that a lot of them require, or at least request, off site data. Like a smart fridge. While it might be able to update your shopping list while you're local, I'd want it to display the current weather and news. Some home security systems stream status and video.

But for the items that don't require data from the net, air gapping would be the easiest solution.

02-09-17, 11:56 AM	#1
Skybird Soaring Join Date: Sep 2001 Location: the mental asylum named Germany Posts: 42,683 Downloads: 10 Uploads: 0	Why "smart home" so easily translates into "unsafe home" Textbook exmaples for my reason why I am not tech-hostile to technology, but allergic and very critical of the totally uncritical attitude many careless people today take on it. http://www.pcworld.com/article/31187...t-def-con.html http://ns.umich.edu/new/multimedia/v...popular-system Do we really need smart refirgerators, smart light bulbs, smart key locks, and all that stupid smart stuff? I say it does nothing for my well-beeing or comfort. Its just plain stupid in most cases. And it can even lead to the loss of own skill. Everything you own sooner or later owns you. And regarding "safe home": most important is not to have cameras, electronic number locks and alarm syswtems, but barriers of high mechanical robustness. By far most home-invading crime is not done by technical subtelty, but by use of robust physical force. Burglars, if they are competent, run a time table, and will leave after some minutes anyway,within a safe limit, because they know how long the police takes to reach a reported alarm location. They will be masked and do not care whether they get filmed or not. Alarm systems and cameras should be the two lowest points on your list of security measurements if you want to secure your home and have no actively patrolling security service guarding your perimeter. Physically robust barriers are the important items on top of your list. __________________ If you feel nuts, consult an expert. Last edited by Skybird; 02-09-17 at 12:04 PM.

02-18-17, 12:39 PM	#2
Rockin Robbins Navy Seal Join Date: Mar 2007 Location: DeLand, FL Posts: 8,900 Downloads: 135 Uploads: 52	The mass American denial of service attack at the time of the elections was based on a botnet made not of computers, but refrigerators, microwaves, washing machines, clothes driers, door locking systems, IP cameras, routers, and the rest of the Internet of Things because those devices are so poorly programmed. __________________ Sub Skipper's Bag of Tricks, Slightly Subnuclear Mk 14 & Cutie, Slightly Subnuclear Deck Gun, EZPlot 2.0, TMOPlot, TMOKeys, SH4CMS

02-19-17, 02:06 AM	#3
Gargamel Lucky Sailor Join Date: Oct 2010 Location: Rome Posts: 4,273 Downloads: 81 Uploads: 0	A "simple" solution (ignoring the obvious of better IoT device programming) is to have a stand alone firewall between your home and the net. While very easy to install and run in theory, it's a little complicated for the average user. A lot of routers already have this capability, and it's very easy to build a firewall box yourself. But when you install your smart lightbulb, you'd have to access the permission settings in your firewall (router or box), and set the incoming and outgoing permissions to only sites that device needs to operate, blocking all others. As most people don't know how to change the name or password on their wifi, having the end user do this is not really feasible. There would have to be a standard devised to allow new devices to register with a standardized network firewall, and set those permissions automatically. __________________ Luck is a residue of Design.

02-19-17, 05:37 AM	#4
ikalugin Ocean Warrior Join Date: Aug 2014 Location: Moscow, Russia Posts: 3,212 Downloads: 8 Uploads: 0	The most simple solution is to airgap and maintain discipline (ie do not plug in USB drives into your airgaped home network). If you must update something, you can always do that like twice a year using secure means. __________________ Grumpy as always.