
Security Analysis of Emerging Smart Home Applications - MrQuincle
https://iotsecurity.eecs.umich.edu/
======
Loic
When you are building a home, you are not building it for the next two years,
you are building it for the next 20 to 25 years. You need to think about the
availability of your "SmartHome" appliance/system in 20 years. This is why you
should use a standard based system at the hardware level which can have a
gateway (with an open source option and open protocols) to a kind of
"interaction system" (voice, tablet, whatever). The interaction system can
change faster (for 10 years we did not had tablets) but you can still address
the hardware built in the house. After hours of research, the only option at
the moment is KNX with 100's of suppliers of hardware and many "interaction
systems" both pure hardware (switch) and software. Software is both open and
closed source.

From the security point of view, you can have the complete home automation
system disconnected from the internet/local network and have it to work only
with hardwired panels/switches.

[0]: [https://knx.org/](https://knx.org/)

------
knightofmars
If the owner installs malicious malware they're doing the exact same thing
that happens when an employee clicks on an email containing a malicious
attachment. Which amounts to social engineering and having informed users. I
want to be clear, this isn't an argument against better privilege management.
It is pointing out that the symptom is what is being exploited in this and
many other security scenarios of this nature. For example, I recently was
going to install a major department store's application on my phone to access
some specific account features. The application wanted access to nearly
_everything_ on my phone. I cancelled the installation and wrote an angry
letter to the company. But the reality is that most people would just click
"OK" and start using the application without ever thinking twice. In the
situation described better privilege management does nothing because the user
wouldn't use it correctly. (Another real world example is the "Brightest
Flashlight" Android application that was collecting data and sharing it with
advertisers.) We can go on being paranoid about these types of "attacks" but
the reality is we need to have 1. better informed users and 2. software
lifecycle processes and distribution mechanisms that don't allow attacks of
this nature to make it into the wild (which I believe ST does)

