I remember trying to buy a TV that does not have "smart" functionality a few years ago. It was a chore. Today it seems impossible.
And not just TVs: ovens; refrigerators; dishwashers — all have "smart" options. In fact, it seems that more and more the available non-smart models are only the simpler ones, less performant in ways that are not related to any smart functionality missing.
My non-smart TV was available only with lower resolutions than "smart" models of the same brand.
1/
This really annoys me. I am too well aware of security implications of smart devices.
I do not want to have to manage regular software updates for whatever number of appliances I have at home, or risk somebody using them in a botnet (or worse).
And no, I don't trust their "disable WiFi" menu options either. Seen this setting get enabled without my consent too many times.
I *could* put them on a special VLAN, but 99% of people can't. That's a problem, and not just for them.
2/
In 2016 a router-based Mirai botnet took down Dyn, one of the biggest online infrastructure companies, and many well known websites with it:
https://coar.risc.anl.gov/mirai-attack-dyn-internet-infrastructure/
Mirai mainly targeted home routers.
As early as 2018 there were already botnets that… used CCTV cameras. But of course the predominant media narrative was "hackers attack" instead of "vendors put us at risk":
https://www.vice.com/en/article/9a355p/hackers-are-using-cctv-cameras-to-create-botnet-swarms
But I digress.
With all this in mind, I started thinking of how could this be solved?
3/
So here's my (silly?) idea: a regulatory requirement for #IoT / smart-appliance vendors to provide either:
a). similarly-priced models physically without the smart functionality but with other performance metrics on-par with their smart models;
or
b). a reliable, verifiable, physical way of disabling smart functionality in their smart-devices.
I want to be able to buy a damn refrigerator without worrying about it joining a botnet! Just ain't cool.
I wonder if this makes any sense!
4/
@rysiek I agree. If I simply never provide my “smart tv” with my wifi credentials and also turn off wifi in it’s software, doesn’t that address the issue?
@wincing I've had appliances magically "re-enable WiFi" without my consent or action. There are smart TVs that automagically connect to open WiFi networks they find.
No, you cannot trust software settings.
@rysiek that’s wild. Haven’t experienced that myself and it joining open networks isn’t an issue for me, due to my housing situation. Totally agree a hard switch or non smart option should be available. Tried to avoid a smart TV for years but recently needed a new one, and saw no other options.