Keeping Your Smart Home Secure & Private
December 20, 2022 10:59PM
Keeping Your Smart Home Secure & Private

Here at EFF, we fight hard to ensure your security and privacy rights are maintained in the digital world. Back when we were founded in 1990, a dream of a world united by the internet was accompanied by forward-thinking visions of connected devices of all kinds making our lives more convenient and luxurious. The last two decades have seen the internet move from living-room and office terminals to our phones, watches, appliances and lighting fixtures. And although so-called smart devices and the Internet of Things (IoT) have allowed us to automate some aspects of our lives, they’ve also been plagued with privacy and security problems, giving hackers and data miners unprecedented access to our personal and behavioral information.To get more news about home security solutions, you can visit official website.

Examples of large botnets such as the well-known Mirai and more recent Fronton—which consist of Internet-connected IoT devices—have caused significant damage, and have given IoT a terrible reputation when it comes to security. Governments have started to take note, and the passage of the IoT Cybersecurity Improvement Act of 2020 in the US, while welcome, has only begun to tackle this issue. On the privacy front, our connected devices and appliances are delivering potentially hundreds of discrete data points per day to companies without any meaningful limits on or insight into what they are doing with this data. And homeowners who wish to add smart devices to their homes are often directed to install apps which control these devices, but also deliver data to third parties without notification.
Mozilla provides a useful tool, *privacy not included, to search your own smart devices for what they may be sending to the cloud. If, for instance, you own a Furbo Dog Camera with Dog Nanny, you are subject to a privacy policy which states Furbo can “collect any audio, video or pictures you create, upload, save or share” and “collect video and audit information of individuals when they pass in front of the camera or speak when the Furbo Dog Camera is on.” Unfortunately, this policy is not atypical. Researchers at Northeastern University and Imperial College London found in a survey of IoT devices across the industry that 72 of the 81 they looked at were sending information to third parties.

The nuances of adding connected automation and functionality to the home while preserving one's privacy and security seems an obtuse and difficult task. Many otherwise enthusiastic consumers have encountered untold frustrations, and become victims of the failures of a data-hungry industry. The myriad of difficulties has even prompted users to abandon smart devices altogether.

Despair not, for there is hope. In the last few years, numerous projects and protocols have been and are actively being developed which bring a greater deal of privacy and security to the connected home. And it all starts by moving the orchestration of all those devices from the cloud into your own network, with the help of a device called a “hub.”
However, not all hubs sever the ties of the device from the cloud completely—additional steps are often needed for this. Keep in mind that even if you do wish to disconnect your devices from the cloud, you will need some way to regularly update the firmware on the devices—this otherwise is often done automatically when these devices are networked.

For any local hub, you’ll need the hardware and a way to connect to it, usually an app on your smartphone. The hardware is usually a small machine which connects to your local network and allows the user a way to access it. For simplicity, there are commercial products available that just work out of the box. Hubitat offers a local hub for sale in the range of $100 USD.

For the more technically inclined, Home Assistant (HA) is an open source, community-driven hub software that can be installed on a variety of platforms, such as a Raspberry Pi or an old laptop you have lying around collecting dust. It doesn’t require much processing power or memory to operate—any Raspberry Pi 3b+ or later will do the job just fine. In this post, we’ll be describing a typical privacy-preserving high-level IoT layout using HA.
Sorry, only registered users may post in this forum.

Click here to login