Internet of Things (IoT) 1

Status
Not open for further replies.

drawoh

Mechanical
Oct 1, 2002
8,912
I have just "attended" an online Meetup on IoT. They had a cute line...

IoT Seminar said:
Don't worry. Be crappy!

--
JHG
 
itsmoked (Electrical) said:
31 Oct 20 05:04
Interesting. Thanks for that.

Have you got a link to this type of security? You've described it pretty well but if I go to implement it on my next embedded device I'll probably go off the rails somewhere without a road map.

Sure: This blog post has some good advice, and is easy to read.

For your own passwords, I recommend a password manager. I use KeePassXC, synchronized with Syncthing, and a keyfile + master passphrase. Dashlane, Bitwarden, 1Password, and LastPass are all other options. I recommend a dice+wordlist method for generating a master passphrase. The EFF Long list is a good one. I tend to capitalize each word to make writing it easier, but that's not strictly necessary. 10 words is enough to meet the strength of the underlying encryption key (>128 bits), so even without any rate limiting a passphrase of that length would be secure.

drawoh (Mechanical) said:
31 Oct 20 15:45
Why have remote logins on an IoT device at all? In my example above, the machine sends out emails. There is no need to read emails. Remote access is a security hazard.

Remote logins require trained, disciplined users. What if a user uses their strong password at some other site that gets hacked?

The login isn't always to the IoT device itself, it can be to a server-side system to access & control the device. Since the entire point of connecting a device to the internet is to allow some remote access and/or control, there needs to be authentication somewhere along the line. If you don't need remote access, don't bother connecting it to the internet!
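
The arithmetic behind the 10-word figure in the passphrase advice above, worked through as an added example that is not part of any post in this thread. It assumes a wordlist laid out as dice key, tab, word, with 6^5 = 7776 entries for a five-dice list such as the EFF long list; the six-word sample list and all function names are constructed for illustration, and `secrets` stands in for physical dice.

```python
import math
import secrets

# Constructed sample in the "dice-key<TAB>word" layout. A real five-dice list
# (the EFF long list, for example) has 6**5 = 7776 entries.
SAMPLE_LIST = "1\tanvil\n2\tbracket\n3\tcamshaft\n4\tdowel\n5\tflange\n6\tgasket\n"

def parse_wordlist(text):
    """Return {dice_key: word}; reject lists that are not a full set of dice outcomes."""
    table = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, word = line.split()
        if set(key) - set("123456"):
            raise ValueError(f"bad dice key: {key!r}")
        table[key] = word
    dice = {len(k) for k in table}
    if len(dice) != 1 or len(table) != 6 ** dice.pop():
        raise ValueError("list must cover every outcome of a fixed number of dice")
    if len(set(table.values())) != len(table):
        raise ValueError("duplicate words reduce entropy")
    return table

def roll(n_dice):
    """Simulate n fair dice with the OS CSPRNG."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(n_dice))

def passphrase(table, n_words, capitalize=True):
    """Pick n words uniformly and independently; capitalizing is cosmetic only."""
    n_dice = len(next(iter(table)))
    words = [table[roll(n_dice)] for _ in range(n_words)]
    return " ".join(w.capitalize() if capitalize else w for w in words)

def entropy_bits(list_size, n_words):
    """Entropy of n uniform, independent picks from a list of the given size."""
    return n_words * math.log2(list_size)

def words_needed(list_size, target_bits):
    """Smallest word count whose entropy reaches the target."""
    return math.ceil(target_bits / math.log2(list_size))

if __name__ == "__main__":
    print(passphrase(parse_wordlist(SAMPLE_LIST), 10))
    print(round(entropy_bits(7776, 10), 1), words_needed(7776, 128))
```

The entropy figure holds only when every word comes from a fair roll; swapping out words you dislike or rerolling for a "nicer" phrase lowers it.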
 
Problem is that even if you don't want to remotely log in, these days a lot of things want to speak to some OEM server over a certain time period about updates etc. And they pull the safety card that you need the latest updates, so it will go into a safe mode if you don't.

I have my stuff so that to get to it you have to go via a VPN, and the "OEM must speak to the server" stuff is on its own subnet with zero access to the rest of it.

BTW I absolutely hate this cloud stuff.... Only have two systems which have to see the internet: one is the heat pump, the other the solar inverter. Managed to get everything else behind the VPN to control it.
 
Question: does the typical smart appliance communicate to the smart elect meter?

"...when logic, and proportion, have fallen, sloppy dead..." Grace Slick
 
Not directly... but depending upon what wireless interfaces are available, one can make it so (Bluetooth mesh networks are the most common, but others exist). Make a hop or two to the master of the mesh (assuming your box isn't already the master), and you have an entirely new and fun set of tricks to play with.

Dan - Owner
 