This week’s Internet of Things Podcast is a bit different from our typical format. Instead of discussing a range of topics and sharing a guest interview, we’re tackling the question we get so often from our listeners who are rightfully concerned about their home network security with smart devices installed: Should all of these webcams, smart locks, thermostats, and other devices be segmented to a guest network?
On the surface, that sounds like a smart idea. The main reason is that any compromised smart devices won’t be able to infect computers and other things on your primary network. A secondary reason is to limit access to your smart home when guests are over.
So here’s what we did: We both created guest networks in our home and migrated all of our smart devices over to them. And we found out some very interesting things. For starters, we didn’t lose access to any of our devices through this setup, which is good. However, we also found out that the reverse situation is a bad one. When on our guest networks with devices on the regular network, we still had access to many of them unexpectedly, which is bad.
Our takeaway is that if you want to put your smart home devices on a guest network, that’s fine but it may not add much more security. In particular, if your smart device credentials are stolen, as was the case with recent “hacks” of the Ring and Nest systems, this setup won’t really help you. We’re thinking that using a network monitoring system such as a Firewalla is a better solution. And better yet would be installing a router that supports VLANs, or Virtual LANs, for your smart home devices. Tune in and let us know what you think or if you have additional related network concerns or solutions.
We’re heading into the holidays with a guest appearance from my family who share their thoughts on what it’s like to live in a smart home, the products they like and what’s missing so far. My husband has been on the show before, but I also invited my 10-year-old daughter on to talk about her favorite toys and what she thinks of Philips Hue bulbs and the Amazon Echo (and Google Home). It’s a short and sweet reality check for us all.
Sure it’s a week after Thanksgiving, but we are all about Pi with this week’s episode. Yes, I went there! With the launch of the Raspberry Pi Zero, the cheapest Linux computer yet at $5, we invited Raspberry Pi founder Eben Upton on the show to discuss how Google’s Eric Schmidt helped inspire the cheaper computer, when it might be available to buy again and his ideas for connected projects. We also discussed what’s missing and how to add things like connectivity and battery life. He also gives a bit of advice for engineers and non-engineers alike.
But before we get to Pi, Kevin and I discuss the VTech hacks and a scary survey from SEC Consult, that lays out how many vendors of connected products are sharing code and thus, sharing static keys used for encryption. This is a big problem as connected devices proliferate, and one the industry is already addressing. Still, it’s worth delving into. We also got a little holiday cheer going, as I described how I used my Amazon Echo and SmartThings (or Wink) plus my GE/Jasco outdoor modules and Wemo indoors to create a voice command that lets me “Turn on Christmas.” So please, listen up and enjoy the show.
Hosts: Kevin Tofel and Stacey Higginbotham
Guest: Eben Upton, creator of the Raspberry Pi
Exploited kids accounts and everything is vulnerable
Have a connected holiday with Alexa
What on earth is the Raspberry Pi?
Let’s talk about specs
Whew, now let’s talk about how this whole cheap computer thing happened
Apple didn’t cover HomeKit in its massive event last week, but Kevin and spent a good chunk of time explaining what we we knew. Sadly, it’s not a lot, but it should be worth downloading iOS 9 and waiting a few more weeks. In enterprise news, we covered Salesforce’s IoT Cloud news, which will compete with IBM’s IoT foundation cloud. We also talked about a new access point from Samsung that adds Zigbee and Bluetooth to the mix before delving into a review of the OnHub router from Google. You’ll have to listen to the show and Kevin’s review to see if it’s worth the $199 price tag.
After all of that, Paul Madsen, who works in the office of the CTO at Ping Identity, came onto the show to discuss the future of an identity layer for the Internet of things. This may sound esoteric, but it’s really important for all of us who hate having multiple passwords for every app on every device we have in the house, if you are one of those people, you may want to read more into these reviewed password managers. It also could help with guest authentication. The conversation gets a bit techie, but its worth it to understand how we may access our devices in the near future. He does threaten some kind of two-factor authentication for our smart home, guys. Enjoy.
Hosts: Stacey Higginbotham and Kevin Tofel
Guests: Paul Madsen of Ping Identity
HomeKit gets new tricks as part of iOS9 but where are the devices?
Comcast and AT&T are supporting new third-party devices.
Salesforce gets into the Internet of things and here’s why.
Does Kevin like the Google OnHub router?
Managing identity for smart home might look a lot like the web.
Are you ready for two-factor authentication in your home?
Fans of the connected home got some exciting news when Amazon showed of its Dash Buttons, a simple, connected button that consumers could press to order a single products from the e-commerce giant. The idea is consumers would pop a Tide button by their washing machine, a Cottonelle button by their toilet and an Oil of Olay or Gillette Fusion button by their medicine cabinet, and as they run low, press the button to order more. It was an idea so simple that it seemed ridiculous and people wondered if it was an April Fool’s prank.
So Kevin Tofel and I discussed the Dash on this week’s show and you won’t believe why Kevin doesn’t like the idea. We also discuss the newly launched Hue Go wireless LED light, which I review ahead of its May or June launch. For $99.95 it’s a splurge, but if you like lights, I think it makes a nice gift. We kicked off the show with me sharing a segment that I recorded with Nightline, the ABC late-night news program. The show came to my home and hired a hacker to film a segment on smart homes and security. You can see the segment below:
The experience prompted me to ask this week’s guest Joshua Corman to come on the podcast to speak about his efforts with an organization called I am the Cavalry, a collective of hackers, researchers and activists trying to build a more secure connected future. We spent a lot of time discussing the group’s framework for connected cars, but it’s a framework that will translate well to other aspects of the internet of things. So get ready to feel very insecure (watch Corman’s TED talk to feel worse) and to learn a bit more about Kevin Tofel’s odd network habits.