Things like smart speakers (such Amazon Alexa), smart TVs or other devices with built in microphones, cameras or with other features that could enable them to leak personal or private info.
Judging by the sales of these items, most people don’t seem to be bothered, but as developers, I wonder what some of you might think?
The way things are going it’s a train we just ain’t gonna stop but I am proud to say I don’t own a TV. Not even a normal one. I use the mac (15") and it’s good enough for us.
My laptops cameras are covered whether that actually makes a difference or not.
In general though I am trying very hard not to be too paranoid.
And it seems to work both ways - in 2019 a girl sent a tweet from her fridge !!! That’s just scary and brilliant at the same time!
I just bought a new ‘smart’ TV and really wish we had smarter routers - that track traffic by device and give us a report of activity or the ability to see what data they are or might be sending out.
Currently some routers do give you some nifty features and I use some of them - for instance I have a wireless printer which is connected to the network via wifi but I have blocked internet traffic for the device (so it can never leak any documents/data externally). I can also create isolated wifi networks, so devices on them can access the web but can’t access other devices on my main network (so separate to Mac/iOS devices). This is also handy for guests.
Shame that Apple’s AirPlay requires an internet connection and doesn’t have an option to stream from the device internally…
I don’t currently have smart devices (aside from TVs sigh) because it feels weird to me having no “physical” control. Having said that, I’m not closed to the idea, especially if I could have dedicated network hardware to create VLANs.
I recently saw this video and I think he exemplified exactly what I imagine when thinking about smart devices/homes.
I would definitely recommend getting a router that allows finer control over devices - I have the ASUS RT-AC3200:
I do not use ‘AiProtection’ or some of the other ‘security’ features because as I understand it that means sending all sites you visit to a third party (similarly I disable the ‘fraudulent websites’ feature in safari as that sends all the sites you visit to google/their ‘safe browsing’ service).
How does that work ODL? I guess it is different from AirPlay, where basically if you are watching or listening to something on your computer you can stream it to an AirPlay enabled device. It’s a trick really, it doesn’t actually stream from your computer, but streams from the source (so I guess all your computer is doing really, is telling the device what to stream and ‘syncing’ the content if it is being output to more than once device).
What I like about it most (apart from the higher quality when streaming music (which is better than bluetooth streaming)) is that you can output to multiple devices - so if you have 2 amplifiers in 2 different rooms that are AirPlay enabled you can have you music playing on all of them.
Well an RPI is just a cheap mini arm computer, runs some ubuntu thing by default, so you can do and run basically whatever you want on it, and it has HDMI out. ^.^
Joining the chorus of not trusting most of these devices with internet access. Sadly it’s next to impossible getting a TV that isn’t “smart” these days so I opted for one that won’t complain if you don’t connect to the internet (or home network).
Generally speaking, no. Hell I don’t even trust my Verizon router very much, though maybe more than I would one from Comcast. I won a mini Google Home Assistant or whatever they call it, in a drawing at a conf about two years ago, and STILL haven’t opened it! (Though granted that’s more out of laziness than distrust.)
Thanks for the recommendation, I’ll check it out. My plan is to build a network setup with dedicated hardware, eventually; Ubiquiti was my first option but they seem to be going downhill. I’m not in a hurry so I’ll wait and see what else shows up.
I think that my home will be always as dumb as possible
Working in the security space and having to work sometimes with developers from top grade products that have no idea of what they are doing in terms of security and sometimes even lack coding skills in general made me lost the few confidence that I already had on software in general.
My lack of confidence in software started to vanish much time before I started in security. Pretty much comes from the time when I started to work as a developer, as freelancer initially and afterwards as full-time developer, and saw how the industry is insecure by default and refuses to change mentality when called out for their mistakes and bad practices. This is still valid nowadays, despite some very slow progress being made.
Until the mentality of our industry shifts from security as opt-in to security as an opt-out I am not seeing myself changing opinion about trusting in software, especially in the so called IOT devices to make homes smart.
Same. If I want smart devices I’ll opt for libre hardware and software. It’s not impossible. Takes a lot of effort and you need to have a lot of love and enthusiasm for the idea but I dream of a day when I won’t be bothered if I don’t collect a paycheck for a year – in these conditions I’ll likely work on making something like this for my home.
Being a professional commercial programmer gives you an unique perspective on how EVIL a software can be if coded by the people who don’t have your interest at heart. So no, thanks!