The Unsecure Home and devices that connect to the internet

Topic

New Reply

[Mike]

For me it all started with a HVAC thermostat called an Ecobee, which wanted to be connected via Wi-Fi to the internet. There it would log data and get climate information to find the best settings.  Also support would be able to see it if necessary.

I wound up dumbing that down by just simply turning off the Wi-Fi.

So now, doing a little bit of research on residential solar energy, I’m wondering about security again. Typically, a residential solar energy system uses optimizers or micro inverters and controllers or gateways, which talk to each other.  And in turn these are hooked up via Wi-Fi to the internet.  The advantage is that the system can report errors and diagnostic information to the installer or dealer and manufacturer.  These devices can be troubleshooted and flashed with the latest software.

So what about security? It seems to me that a manufacturer, or dealer/ installer looks all the way through your personal gateway(modem/router, etc.) and straight directly into their devices. But what else could they do and what would happen if they were hacked?  Are there simple, consumer level ways to protect or isolate?

Any discussion, comments or questions would be appreciated.

Mike

 

• This topic was modified 9 months, 1 week ago by Mike. Reason: added tags, clarified

Reply | Quote

Replies

For one put it on a different wifi or a guest wifi. Secondly don’t ever use shared passwords on any device.  You could even use a different email address for such devices that is not related to the email address you use for personal purposes.

Next investigate if the devices support multi-factor authentication.

Segment your network as best as you can and have a personal one versus a “vendor needs access to me and my stuff” one.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Mike

Reply | Quote

I can do a guest account.  Question.  Would having a separate router with WiFi hooked to the first gateway’s Ethernet port better isolate?

Reply | Quote

Adding a second router to your main router will not give you network separation – it’s actually a backwards setup.

You want the IoT devices on the main router and your private network on the second router attached to the ethernet port of the first. From here you can connect to IoT devices using your computer, but the IoT devices cannot connect to your private network.

It will “double NAT” your private network, but this is only an issue for online games or specialized apps/devices.
To get around the “double NAT” issue you need to create a DMZ on the main router and set the second router to use the/an IP of the DMZ.

cheers, Paul

2 users thanked author for this post.

wavy, oldfry

Reply | Quote

The need for constant internet connections extends beyond household devices.

Our new HP LaserJet M209dwe printer and HP’s Wolf Pro Security app also require constant internet connections.

We sent a brand-new LaserJet M209dwe printer to the recycling bin due to its need for uninterrupted access to the internet.

The printer works only with HP toner and a HP account and uses an internet connection to monitor compliance.

HP admits that they, “… look all the way through your personal gateway (modem/router, etc.) and straight directly into their devices.” in order to monitor that the printer is using HP  toner cartridges, toner usage, and account compliance.

We also uninstalled the Wolf Pro Security app from a new HP Z2 Tower G9 Workstation for the same reason.

4 users thanked author for this post.

oldfry, SueW, Sky, Mike

Reply | Quote

Good point Kathy.  I’d forgotten about those printer shenanigans.  Shame on them.   I just turn off my Canon printer since I use it  seldom.

Perhaps worse, is that many smart TV’S lock you out of the “smart” features unless you agree to their T&C’s and provide internet.

Mike

Reply | Quote

Mike wrote:

Perhaps worse, is that many smart TV’S lock you out of the “smart” features unless you agree to their T&C’s and provide internet.

“Smart” TVs can’t be “smart” without constant Internet connection.

All iOT devices are security hazards. Most of these devices never see security / firmware updates.

https://www.askwoody.com/forums/topic/eufy-caught-lying-about-local-only-security-cameras-with-footage-sent-to-cloud/

https://www.techtimes.com/articles/259138/20210415/amazon-ecobee-scandal-collecting-private-user-data-smart-thermostats-allegedly-forced.htm

3 users thanked author for this post.

SueW, Sky, Mike

Reply | Quote

I guess my TV is half smart then.
No internet but many features function on my LAN + many more interconnected devices and voice remote control.
A new LG TV I saw disabled many of those without external internet.

Reply | Quote