i still think IP based smart home kit is a mistake. The internet is already such a big vuln, we don’t need a shit ton of garbage sitting on the network only making it more vulnerable.
communication standards like zwave, and zigbee, are preferable here. It looks like at least one of those supports it, but perhaps both will be protocol agnostic.
Think of Thread as Zigbee with an IPv6 stack. It’s a local communication standard but with a compatible protocol.
I was excited that my current phone has a Thread radio so it can be on the local network for presence and control. Unfortunately not supported yet.
I’m definitely worried about the recent Matter standard for internet access. They say it’s optional, but that capability is easily hijacked by unscrupulous vendors.
my thermostat has cloud functionality that I want, so I’m fine with the option of giving them internet access
my air purifier requires internet access to report back to a vendor-specific portal filled with advertising. I’m not ok with that tradeoff so don’t use any smart functionality.
it’s definitely cool that we have the capability of things like thread/matter zigbee and zwave now.
I would be more ok with local IoT devices being IP based if they were intended on being used with an “offline” network. Though that’s a little funky to setup, and causes interference issues, so i think i prefer the zigbee and zwave solution of using a different protocol entirely, especially since it mandates offline handling.
My two biggest concerns with IP connected devices are most home networks are not properly delegated, so people aren’t creating a second subnet specifically for IoT devices for example, and they most definitely aren’t properly providing access controls through that network as well. So if someone manages to get into one of the devices, you basically have the entire network at that point.
One of the big advantages of non IP based systems is that you have a “point of relay” or gateway between all of your IoT devices and your network, which becomes the attack vector, making it a lot easier to secure, and manage. Even if you managed to hack into a zwave/zigbee network, it would only be locally, and IoT devices only, so it’s not going to be hugely problematic.
theoretically you can do all of this on a traditional IP based network, i just don’t think it’s the correct approach. Sort of like making a carboat, or a boatcar. You could, but why?
I think at minimum, a standalone IoT device should not be capable of connecting to the global internet, period. Through something like a gateway or “point of relay” sure, that’s fine by me, but even then i would prefer open standards and documentation on that specific feature set.
i still think IP based smart home kit is a mistake. The internet is already such a big vuln, we don’t need a shit ton of garbage sitting on the network only making it more vulnerable.
communication standards like zwave, and zigbee, are preferable here. It looks like at least one of those supports it, but perhaps both will be protocol agnostic.
Think of Thread as Zigbee with an IPv6 stack. It’s a local communication standard but with a compatible protocol.
I was excited that my current phone has a Thread radio so it can be on the local network for presence and control. Unfortunately not supported yet.
I’m definitely worried about the recent Matter standard for internet access. They say it’s optional, but that capability is easily hijacked by unscrupulous vendors.
it’s definitely cool that we have the capability of things like thread/matter zigbee and zwave now.
I would be more ok with local IoT devices being IP based if they were intended on being used with an “offline” network. Though that’s a little funky to setup, and causes interference issues, so i think i prefer the zigbee and zwave solution of using a different protocol entirely, especially since it mandates offline handling.
My two biggest concerns with IP connected devices are most home networks are not properly delegated, so people aren’t creating a second subnet specifically for IoT devices for example, and they most definitely aren’t properly providing access controls through that network as well. So if someone manages to get into one of the devices, you basically have the entire network at that point.
One of the big advantages of non IP based systems is that you have a “point of relay” or gateway between all of your IoT devices and your network, which becomes the attack vector, making it a lot easier to secure, and manage. Even if you managed to hack into a zwave/zigbee network, it would only be locally, and IoT devices only, so it’s not going to be hugely problematic.
theoretically you can do all of this on a traditional IP based network, i just don’t think it’s the correct approach. Sort of like making a carboat, or a boatcar. You could, but why?
I think at minimum, a standalone IoT device should not be capable of connecting to the global internet, period. Through something like a gateway or “point of relay” sure, that’s fine by me, but even then i would prefer open standards and documentation on that specific feature set.