Can we trust manufacturers.

keithkeith Member, Beta Tester Posts: 64
25 Likes 10 Comments Name Dropper First Answer
✭✭✭
edited August 2019 in Devices & Security
I have a great interest in the potential of iot devices, like Esprissif Systems products. 
BUT, I can't get away from the thought, these devices are gateways to everything I do.
Can fing help in this area, my limited understanding tells, it can't. 
If I let these devices live on my network they can do whatever they like, true or not. 
Is this a bit crazy? 
VioletChepil

Comments

  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    If you're this worried then the first thing I'd do is segment the IoT devices into their own subnet (and possibly SSID). That way, even if a device goes rouge, it will only be able to affect the IoT network and not the one with your main devices on.
    People say nothing is impossible, but I do nothing every day.
    keithjacixVioletChepil
  • keithkeith Member, Beta Tester Posts: 64
    25 Likes 10 Comments Name Dropper First Answer
    ✭✭✭
    Thanks for the subnet advice, I will keep it in mind.
    My main consideration in buying the fing box was monitoring performance, insane young people's usage and intrusion. 
    With our pathetic Mbps and unlimited data, the intrusion and performance are now the only items of interest. I live in hope of an infrastructure injection and seeing fixed wireless 50/25 or 100/50 one day. 
    VioletChepil
  • jacixjacix Member Posts: 3
    First Answer Photogenic First Comment
    edited August 2019
    I'll echo what @Pooh said: segment those suckers.  A good firewall will let you run as many subnets as you want, and with VLAN tagging it'll all run over a single wire.  I'm running a pfSense firewall, which sends tagged traffic over powerline ethernet (I just posted in the thread about my experience there) to an EnGenius access point that understands VLAN tags, so setup was a breeze.  I have a dedicated subnet/VLAN/SSID for the IOT gear I don't trust, which is all of it, and I'm considering creating more subnets to keep the different vendors apart.  None of these things are on my internal network so even if the manufacturers are malicious - or their software gets exploited - there's nothing for them to see.  The miscreants can try all they want, but they're not going to get anything from me.  
    RichardJansmakeithVioletChepil
  • GidsterGidster London, UKMember Posts: 224
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭
    jacix said:
    I'll echo what @Pooh said: segment those suckers.  A good firewall will let you run as many subnets as you want, and with VLAN tagging it'll all run over a single wire.  I'm running a pfSense firewall, which sends tagged traffic over powerline ethernet (I just posted in the thread about my experience there) to an EnGenius access point that understands VLAN tags, so setup was a breeze.  I have a dedicated subnet/VLAN/SSID for the IOT gear I don't trust, which is all of it, and I'm considering creating more subnets to keep the different vendors apart.  None of these things are on my internal network so even if the manufacturers are malicious - or their software gets exploited - there's nothing for them to see.  The miscreants can try all they want, but they're not going to get anything from me.  
    Sounds like this needs a lot of specialist knowledge. Are there solutions out there for the less technically confident who have security concerns?
    Head of Product at Fing
  • PoohPooh Member, Beta Tester Posts: 674
    500 Likes 500 Comments 25 Answers 100 Agrees
    ✭✭✭✭✭
    Gidster said:
    Sounds like this needs a lot of specialist knowledge. Are there solutions out there for the less technically confident who have security concerns?
    A simple answer might be to utilize the Guest SSID if your AP\Mesh supports it.
    People say nothing is impossible, but I do nothing every day.
    keithVioletChepil
  • keithkeith Member, Beta Tester Posts: 64
    25 Likes 10 Comments Name Dropper First Answer
    ✭✭✭
    edited October 2019

    Some harsh words re Google and us.

    From "The Australian" newspaper today.

    "Australia’s consumer watchdog is taking on Google in the Federal Court, in world-first action alleging the tech giant misled consumers about the location data it hoovered up.

    Mr Sims alleged that Google also misled the public about “the nature, characteristics and suitability for purpose of the Android operating system, Google services and Google Pixel phones”.

    AND is this comment by David Swan in the same newspaper correct.

    "In 1999, the company had a line in its privacy policy, that it “only talks about our users in aggregate, not as individuals.’ That line was removed three months later, and 20 years later is a stark reminder of just how different the Google of today is."

    It's not worth worrying really, is it,

    VioletChepil
Sign In or Register to comment.