this post was submitted on 23 Sep 2024
1316 points (97.1% liked)
People Twitter
5228 readers
1964 users here now
People tweeting stuff. We allow tweets from anyone.
RULES:
- Mark NSFW content.
- No doxxing people.
- Must be a tweet or similar
- No bullying or international politcs
- Be excellent to each other.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Personally I love the idea of a smart home only if its self hosted and running on fully open source software, also never put a gun near an unattended printer :3
And if anybody is wondering if that exists, it's called Home Assistant.
I really need to get back into troubleshooting why it won’t work in my instance. Got into a habit of it but I got distracted by a crazy lady
Never connect an unattended printer.
Zwave is superior for not clogging up the 2.4GHz airspace, both are darling to use with hass. Wifi is a close third for usability but suffers from bogging local wifi/airspace without interoperability without a controller of some kind being online. Zigbee/Zwave both can function somewhat even with the local server offline
Home assistant, as a central system (it basically let's you wire anything into anything!). The smart switches etc should be esp8266 or esp32 based. You can then flash either tasmota or esphome to them.
Since your server will likely be Linux based, it's open source all the way to the bare metal, (or at elast as close as possible).
My current system almost doesn't notice if the Internet dies. Also, if you nuke critical components, in the worst case, it still defaults to dumb control behaviour (physical switches still work etc).
I still know where the kill switches are however. I've also made sure it doesn't have control of anything mobile, other than the robo vacs, and I'm fairly sure I could take them in a fight.
Last I checked the only fully open stuff is one manufacturer's IBM power 9 workstation and several Chromebooks
Is it better in embedded stuff? Last openWRT device I ran needed a closed binary for network
There's still some various binaries. E.g. the expressif sdk generated code. However, it's far harder to sneak something nasty into it.
Codespace is at an extreme premium on microcontrollers. Kb, and even bytes matter. A big, complex bit of malware would take significant space, likely enough to be noticed quickly.
As for smaller, simpler malware, this is a possibility. However, due to their nature, microcontrollers get a lot more scrutiny of their outputs. Random data dumps to an unexpected external address would be caught VERY quickly.
This is compounded by the fact that it's not uncommon, at least in larger installs, to segregate IoT devices from the main network. It stops them cluttering it up, and slowing it down. This makes it easy to firewall off the network from the Internet. They can talk to each other, and the central coordinator, but only the coordinator can see the internet, unless explicitly allowed.
If my network were compromised via my smarthome setup, my first suspects would be the debian PC running home assistant, or my ubiquiti router. I've at least reduced my target area to business grade networking kit and a single Linux server. I'm not an impossible target, but far from a soft one.