Chromecast an IoT device?

HronosHronos Member, Beta Tester Posts: 289
100 Likes 100 Comments 25 Awesomes 25 Agrees
✭✭✭✭
edited November 2019 in Devices & Security
Now that I am thinking about separating my IoT's from my principal network so they are "isolated" or at least not in the same network of my Desktop/Laptop, phones, or any other device with personal information that can be compromise...
I have a big doubt about Chromecast.

Is it an IoT that can be compromised?  I think it is.  But, if they are on a different network from your phone you can't cast on it... right? (I have read than "guests" can cast over a chromecast without been on your network but haven't get it to work)
So my poll is: have you "punished" your Chromecast to an IoT network for the sake of security?
Keep looking up!

Chromecast an IoT device? 13 votes

Principal Network (with your other devices like your Phone)
61%
VioletChepilCarlo_from_FingCiaranRobinMarckltaylorInternetAlertEmad 8 votes
IoT Isolated Network.
38%
marco_from_fingCrowgrandfatherDaveFivulcansheartericyew 5 votes
VioletChepilRobinCiaran

Comments

  • MarcMarc Moderator, Beta Tester Posts: 1,651
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Principal Network (with your other devices like your Phone)
    @Hronos , I probably should be paranoid and segregate but I've had these things on my principle network for years without issue so maybe I am little too complacent now?
    Thats Daphnee, she's a good dog...
    HronosVioletChepil
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Principal Network (with your other devices like your Phone)
    bumping this one @Hronos to see if we can get some more results in the poll :) 

    Community Manager at Fing

    MarcHronosDGC
  • HronosHronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭✭
    Thanks @VioletChepil :)
    Keep looking up!
  • HronosHronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭✭
    Hi there all! for those who put their Chromecasts to an isolated network, I would like to know how have solve the problem of using it =D
    Keep looking up!
    VioletChepil
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Principal Network (with your other devices like your Phone)
    @vulcansheart @marco_from_fing anything to add to help @hronos?

    Community Manager at Fing

  • vulcansheartvulcansheart Member, Beta Tester Posts: 117
    100 Comments 25 Awesomes 5 Answers 25 Likes
    ✭✭✭
    edited November 2019
    IoT Isolated Network.
    Using a software firewall/router with multiple LAN connections, I've isolated my IoT devices to a subnet and VLAN that cannot traverse into my secured local network. However, devices that are on my wireless VLAN (phones, laptops, etc) are allowed to initiate a session into the IoT VLAN for things like screen mirroring. If you have this capability, I recommend it for security and network control.
    *edit*
    I should say I voted "isolated" based on my tinfoil hat mentality caused by the things I've seen while attending DEFCON, and for the data mining practices of large corporations (Google included).

    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
    VioletChepilHronos
  • HronosHronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭✭
    @vulcansheart Nice one! Just to clarify, your Phones/laptops have to connect to the IoT SSID network or that "initiate a session" is resolve through the "firewall"? (I am supposing the 2nd one)
    Don't know if it's posible with my current gear... (pretty sure no) but it's a great solution...
    Keep looking up!
  • vulcansheartvulcansheart Member, Beta Tester Posts: 117
    100 Comments 25 Awesomes 5 Answers 25 Likes
    ✭✭✭
    IoT Isolated Network.
    No, my personal devices connect to SSID "The Fergowski's" which is VLAN100 (tagged by the access point). Based on firewall rules, traffic is allowed to initiate from VLAN100 to VLAN200, but not vis versa.
    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
    Hronos
  • HronosHronos Member, Beta Tester Posts: 289
    100 Likes 100 Comments 25 Awesomes 25 Agrees
    ✭✭✭✭
    I believe a Linux box should help there, but are your switches any special to support that or you have physical independent ones or maybe don't have switches on VLAN200 (I ask because I have some kind of IoT's than are wired devices)
    Keep looking up!
  • vulcansheartvulcansheart Member, Beta Tester Posts: 117
    100 Comments 25 Awesomes 5 Answers 25 Likes
    ✭✭✭
    IoT Isolated Network.
    @Hronos Yes, I am using a managed netgear prosafe switch along with an Omada (tp-link) EAP225 access point that has SSID based VLAN tagging.
    41 4c 4c 20 59 4f 55 52 20 42 41 53 45 20 41 52 45 20 42 45 4c 4f 4e 47 20 54 4f 20 55 53
    HronosVioletChepil
  • ericyewericyew Member, Beta Tester Posts: 0
    Photogenic
    IoT Isolated Network.
    you may need to also look at enabling IGMP snooping and mDNS...depending on your setup. Have a look here for some clue:
    https://help.ubnt.com/hc/en-us/articles/360001004034-UniFi-Best-Practices-for-Managing-Chromecast-Google-Home-on-UniFi-Network

Sign In or Register to comment.