Wifi enabled products that do or don't need to be wifi enabled

In My Humble Opinion
61

Any security can always be defeated by an attacker with enough resources.
Your doors have to have better locks than the neighbors’ to deterr ~100% of all attacks.

You should worry about basic security of your internet enabled gadget (can it be made part of a botnet?
– setup reasonably secure credentials. Somebody will write a bot to try Admin/admin on your device)

You should worry about the manufacturer going broke or otherwise stopping support – leaving you with a useless device.
Worry about getting iinconvenienced by the device getting stuck in some update or loosing connectivity during an update.

62

How do you want it to connect to your phone? Bluetooth?

I don’t have much Internet connected stuff, but i do have a meat thermometer on WiFi that i love. I just bought a sous vide stick. I think they all have a phone app, but i bought the one that had controls on it so i don’t have to. Haven’t used it much, maybe I’ll end up using the app.

63

Not picking on you @Darren_Garrison, as that story definitely made the rounds. Here is an update:

Full text of article, and punchline: It’s not.

From an update to the original article at Tom’s Hardware, the original story was used as an example of something that could happen, but was not happening. I was suspicious that a toothbrush would run java (probably that embedded version, but still seems very heavy for something that is just recording how long you brushed), but if pregnancy tests can run Doom

Yes, this is why putting too much effort into some forms of security becomes ridiculous. I could have spent 10 times as much on my front door lock, making it much more difficult to pick. All that would mean is if someone really wanted into my house they would break a window. Spending a few cents more on longer screws for the lock, so my door cannot be easily kicked in, however is very worthwhile.

Similar with IoT. There is a reason IoT stands for “Internet of shiT.” Most of these devices have terrible security, but in many cases, that doesn’t matter. They aren’t directly reachable from the internet, so it is very unlikely your thermostat is going to show up on Shodan. What is likely, is that the cloud service the thermostat connects to has a flaw, and can be hacked that way. Or, someone already on your local network is able to hack the thermostat.

Like all things security, it becomes a list of tradeoffs. All remote controlled garage door openers are subject to attack. Being able to monitor and open my garage door remotely is useful, therefore I’m willing to accept the added attack surface of the MyQ service. If I find out about a flaw in MyQ being exploited to open garage doors, then I can remove my opener from the network, until the flaw is fixed.

64

That’s my thought exactly and in about 28 hours I will have one installed. It’s far easier and just as quick to pick the lock on the side door, crow bar open the side door or spoof the old style garage door remote. MyQ isn’t going out of business, nor is Nest or Brother. Even if they do, I can use all of them the old fashioned way. As others have said, I would never have a device that can only be used by an app unless it was something trivial that I don’t really need

Such as me. But I could probably figure it out. Can you please point me to a reference?

65

Indeed, lose your electricity and whaddaya gonna do? At least with a non-wiFi gas stove I can light the burners with matches.

66

Same with a wifi gas stove. Do you really think that they can’t be used otherwise? It’s just an extra feature that most people don’t even use.

67

It is not only about understanding the concepts. It is also about having networking hardware that is capable of creating VLAN’s (hint: if you have to ask - you don’t)

68

Yeah it’s probably safe to assume that the router assigned to me by Cox doesn’t have the capability.

69

Unfortunately it’s not that simple–that was kind of what I was getting at.
The router manufacturers don’t make this as easy as it really should be; they all do it different.

Here’s the gist, that might be useful or at least can help guide some Googling:

The basic approach would be to set up two separate networks, with two separate Wi-Fi names. One network is for your trusted good stuff, such as your PC and your iPad. The other network is for “stuff you don’t trust at all”

You only use the “goodguys” wifi network for trusted devices.
You use the “sketchy” wifi network for appliances, thermostats, TVs, printers, and such.

You then configure firewall rules so that “goodguys” devices can see each other and can speak with “sketchy” devices, but only if the trusted device initiates the conversation.
You also set up firewall rules so that “sketchy” devices cannot see anything in your home; they can only speak to the Internet. IF a “goodguys” device starts the conversation, that’s OK. That’s how you would print from your PC to your printer, for example. That’s also how you could screencast from your iPad to your TV.
“sketchy” devices cannot even see each other. This means that some rogue device with malware off of Aliexpress won’t be able to do mayhem with other things on your network.

A different topic, the concept of VLANs, is more about wired networks, but it is kind of like having “sketchy” traffic separated from “goodguys” traffic for plugged-in devices.

This can get as complicated as you want too–a good addition is to have a “guest” network that is similar to the “sketchy” network, but you give that password out to friends.

In a better world this would all be handled with minimal effort by appliances, routers, and so forth; unfortunately, it is up to the family computer geek to sort out the settings for these kinds of things. For example, I use Ubiquiti gear, so I have to know how to configure these things using their tools. It would be entirely different if I were using Linksys or Netgear equipment.

70

Thanks for that great explanation.

71

how fitting i just read this about 10 minutes ago

72

Kayaker said (and I messed up the reply code): “We don’t watch tv very often. In fact, it hadn’t been turned on in over a year. Our dog Simi destroyed the remote control and we haven’t bothered finding a replacement.”

Just in case you do decide you need to replace the remote, I was quite surprised to be able to buy a replacement for my 8 year old TV through Amazon for about $6 so be sure to check there.

And wg123 said " It paid attention to the temps we set, and when, and has come up with it’s own schedule which is pretty much on."

I’ve thought about a “smart” thermostat in the past but I’m on a time-of-use program with the electric utility. AC has to be off at 3PM and shoudn’t come on until 6PM. So at 2:45 my current thermostat (which doesn’t have a “learning” function) sets the AC to 90 to be sure it doesn’t come on. At 6:01 it drops it back to 70 for cooling. A learning thermostat would try to predict that and would be turning off late and turning on early all the time.

I suppose I could try teaching by trial-and-error, but it isn’t worth it to me.

73

So it’s pretty much something that they can charge you more for, whether you want it or not and adds something else that can go wrong with the appliance. Pass.

74

Hyperbole much? If you don’t enable it nothing can go wrong. I got a nice range when I got my kitchen remodeled and it was part of it. There are plenty of other features that I will never use like the plug in thing that measures the temperature of a roast or the removable cast iron griddle that goes over two of the burners that I’m sure added more to the cost?

75

You can also, very easily, set manual times and temps. It learned our schedule and I did a little manual tweaking to fine tune. Also, luckily, we live in the land of 9 cents per Kwh round the clock.

76

We will. We are in a passive aggressive type situation. Neither of us watches tv. I binge series on my tablet, She wants to watch presidential debates and so she pays for satellite television for that.

With elections coming up, she will be asking me to order a replacement tv/dish remote control, and I will.

77

There are also phone ap remotes that you should be able to find.

78

Good to know. If debates begin before I order a replacement remote, I’ll probably check into that.

79

Not necessarily, but it’s hardly isolated to WiFi. My (electronic, but not “smart”) oven got stuck in “Sabbath mode” several years ago due to a failure on the circuit board. Made it unusable. I don’t make it a habit of blaming the Jews for everything, but it was sorta undeniable in this case…

80

I’m on time of use also, so I had the same goal.

Several years ago I replaced a very old learning thermostat with a new one. The old one was of the type where if set to 70F at 8pm, it would try to hit 70F by 8pm. The manual claimed there was a switch to change the behavior, but the photo in the manual did not agree with the actual dip switches on the device.

I replaced it with a new one that can be set to a static mode. At 8pm it changes the set point to 70F, nothing fancier than that. It is a reasonably sophisticated programmable, but does not have any network capabilities.

Before I bought the new one I investigated Nest and other network ones with how they worked with time of use pricing. Nest’s answer came down to “we’ll take it into account when deciding what to do.” That wasn’t a good enough answer, so pushed me towards the much cheaper optoin.

Be careful with this strategy regarding devices that want to join your wifi network. Some will create their own hotspot waiting for an app to connect to tell them what to do. The better ones will require some sort of physical interaction to continue setup, but some just scream “Hey, anyone there?” into the void, until one of your neighbors connects and starts messing with the volume on your TV because you didn’t cleanup after your dog pooped in their yard.

Joking aside, not using the network connection stuff is generally safe, but leaving the appliance in its default unconfigured state may not be safe.