Time to get rid of weird connected appliances! <<SKYNET MUST DIE>> check this

Cameron Kaiser spectre at floodgap.com
Sun Oct 23 23:32:37 CDT 2016


> Nevertheless, most IoT devices only talk (outgoing) to some server in 
> some cloud, and are reasonably safe, at least until the server is 
> attacked.

Which is why I'll only buy systems for which the API is either open or
well-understood.

I have several sets of Philips hue bulb networks in the house. They sit
on the secured non-routable internal network and have never been able to
phone home. The central server drives them directly using a Perl tool I
wrote (huepl), and now the security and access controls are metered by me,
not by Philips.

Similarly, my home camera system connects to an Axis concentrator that
is only accessible on that same non-routable network. The central server
grabs snapshots and motion JPEG feeds from it. Again, the security is
now in my hands.

I admit I'm paranoid and having this requirement reduces the amount of
hardware I'll see fit to buy, but usually it reduces it to the higher
quality devices in any case.

-- 
------------------------------------ personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser at floodgap.com
-- Reality is when it finally happens to you, too. ----------------------------


More information about the cctalk mailing list