Can we trust manufacturers.





BUT, I can't get away from the thought, these devices are gateways to everything I do.
Can fing help in this area, my limited understanding tells, it can't.
If I let these devices live on my network they can do whatever they like, true or not.
Is this a bit crazy?
Comments
-
If you're this worried then the first thing I'd do is segment the IoT devices into their own subnet (and possibly SSID). That way, even if a device goes rouge, it will only be able to affect the IoT network and not the one with your main devices on.People say nothing is impossible, but I do nothing every day.3
-
Thanks for the subnet advice, I will keep it in mind.
My main consideration in buying the fing box was monitoring performance, insane young people's usage and intrusion.
With our pathetic Mbps and unlimited data, the intrusion and performance are now the only items of interest. I live in hope of an infrastructure injection and seeing fixed wireless 50/25 or 100/50 one day.1 -
I'll echo what @Pooh said: segment those suckers. A good firewall will let you run as many subnets as you want, and with VLAN tagging it'll all run over a single wire. I'm running a pfSense firewall, which sends tagged traffic over powerline ethernet (I just posted in the thread about my experience there) to an EnGenius access point that understands VLAN tags, so setup was a breeze. I have a dedicated subnet/VLAN/SSID for the IOT gear I don't trust, which is all of it, and I'm considering creating more subnets to keep the different vendors apart. None of these things are on my internal network so even if the manufacturers are malicious - or their software gets exploited - there's nothing for them to see. The miscreants can try all they want, but they're not going to get anything from me.3
-
jacix said:I'll echo what @Pooh said: segment those suckers. A good firewall will let you run as many subnets as you want, and with VLAN tagging it'll all run over a single wire. I'm running a pfSense firewall, which sends tagged traffic over powerline ethernet (I just posted in the thread about my experience there) to an EnGenius access point that understands VLAN tags, so setup was a breeze. I have a dedicated subnet/VLAN/SSID for the IOT gear I don't trust, which is all of it, and I'm considering creating more subnets to keep the different vendors apart. None of these things are on my internal network so even if the manufacturers are malicious - or their software gets exploited - there's nothing for them to see. The miscreants can try all they want, but they're not going to get anything from me.Head of Product at Fing0
-
Gidster said:Sounds like this needs a lot of specialist knowledge. Are there solutions out there for the less technically confident who have security concerns?People say nothing is impossible, but I do nothing every day.2
-
Some harsh words re Google and us.
From "The Australian" newspaper today.
"Australia’s consumer watchdog is taking on Google in the Federal Court, in world-first action alleging the tech giant misled consumers about the location data it hoovered up.
Mr Sims alleged that Google also misled the public about “the nature, characteristics and suitability for purpose of the Android operating system, Google services and Google Pixel phones”.
AND is this comment by David Swan in the same newspaper correct.
"In 1999, the company had a line in its privacy policy, that it “only talks about our users in aggregate, not as individuals.’ That line was removed three months later, and 20 years later is a stark reminder of just how different the Google of today is."
It's not worth worrying really, is it,
1
Categories
- 5.6K All Categories
- 2.8K Ask about Connected Technology
- How To...
- 1K Devices & Security
- 1.5K Network Troubleshooting & Connectivity
- 112 General Discussion, Weird & Wonderful
- 42 Network Infrastructure
- 5.2K Ask about Fing
- 531 Fing Account Change Request
- 1.1K Fing Desktop
- 1.3K Fing App
- 1.6K Fingbox
- 485 Announcements, Beta Testing & Release Notes
- 157 Community Updates
- 24 Getting started
- 13 Community User Guides