Chromecast an IoT device?

Hronos · November 19, 2019

Now that I am thinking about separating my IoT's from my principal network so they are "isolated" or at least not in the same network of my Desktop/Laptop, phones, or any other device with personal information that can be compromise...
I have a big doubt about Chromecast.

Is it an IoT that can be compromised? I think it is. But, if they are on a different network from your phone you can't cast on it... right? (I have read than "guests" can cast over a chromecast without been on your network but haven't get it to work)
So my poll is: have you "punished" your Chromecast to an IoT network for the sake of security?

Marc · November 19, 2019

Principal Network (with your other devices like your Phone)

@Hronos , I probably should be paranoid and segregate but I've had these things on my principle network for years without issue so maybe I am little too complacent now?

VioletChepil · November 19, 2019

Principal Network (with your other devices like your Phone)

bumping this one @Hronos to see if we can get some more results in the poll

Hronos · November 19, 2019

Thanks @VioletChepil

Hronos · November 20, 2019

Hi there all! for those who put their Chromecasts to an isolated network, I would like to know how have solve the problem of using it =D

VioletChepil · November 20, 2019

Principal Network (with your other devices like your Phone)

@vulcansheart @marco_from_fing anything to add to help @hronos?

vulcansheart · November 21, 2019

IoT Isolated Network.

Using a software firewall/router with multiple LAN connections, I've isolated my IoT devices to a subnet and VLAN that cannot traverse into my secured local network. However, devices that are on my wireless VLAN (phones, laptops, etc) are allowed to initiate a session into the IoT VLAN for things like screen mirroring. If you have this capability, I recommend it for security and network control.

*edit*

I should say I voted "isolated" based on my tinfoil hat mentality caused by the things I've seen while attending DEFCON, and for the data mining practices of large corporations (Google included).

Hronos · November 21, 2019

@vulcansheart Nice one! Just to clarify, your Phones/laptops have to connect to the IoT SSID network or that "initiate a session" is resolve through the "firewall"? (I am supposing the 2nd one)
Don't know if it's posible with my current gear... (pretty sure no) but it's a great solution...

vulcansheart · November 21, 2019

IoT Isolated Network.

No, my personal devices connect to SSID "The Fergowski's" which is VLAN100 (tagged by the access point). Based on firewall rules, traffic is allowed to initiate from VLAN100 to VLAN200, but not vis versa.

Hronos · November 21, 2019

I believe a Linux box should help there, but are your switches any special to support that or you have physical independent ones or maybe don't have switches on VLAN200 (I ask because I have some kind of IoT's than are wired devices)

vulcansheart · November 21, 2019

IoT Isolated Network.

@Hronos Yes, I am using a managed netgear prosafe switch along with an Omada (tp-link) EAP225 access point that has SSID based VLAN tagging.

ericyew · December 17, 2019

IoT Isolated Network.

you may need to also look at enabling IGMP snooping and mDNS...depending on your setup. Have a look here for some clue:
https://help.ubnt.com/hc/en-us/articles/360001004034-UniFi-Best-Practices-for-Managing-Chromecast-Google-Home-on-UniFi-Network

Chromecast an IoT device?

Chromecast an IoT device? 13 votes

Comments

Categories