
Princeton IoT Inspector: discovers IoT devices and analyzes network traffic - 0xmohit
https://iot-inspector.princeton.edu/
======
wiremine
Disclaimer: I work in an IoT-focused consultancy and work with Fortune 500s in
their IoT strategy.

This is a _great_ idea. Not sure the implementation is perfect, but giving
consumers more control/visibility over their devices is going to be
increasingly important.

I hope we get more companies into this space, but I don't think it's well
understood enough to be a viable business. Until then, open source tools like
this are going to be great.

If the authors are watching this thread, reach out, I'd love to connect you
with some of my customers.

~~~
siliconwrath
Hi! I work for a security startup that focuses on IoT security, and is solving
these issues for enterprise. Would love to connect.

------
savrajsingh
From the faq:

Security: All data collected from your IoT devices is stored on a secure
server at the Department of Computer Science in Princeton University. IoT
Inspector transmits data to our server over a secure channel, i.e., HTTPS.

~~~
css
If you want to compile it from source I can't imagine disabling this would be
all that difficult: [https://github.com/noise-lab/iot-inspector-
client/blob/c5b0f...](https://github.com/noise-lab/iot-inspector-
client/blob/c5b0f2f3fc3c34ec1a8d7518c75cd9d599f4cbeb/v2-src/inspector.py#L59)

~~~
kkarakk
or just the little snitch firewall on macos to disable it. that's what i did.
sorry princeton

------
devy
The paper preprint behind this tool is here:
[https://www.cs.princeton.edu/~yuxingh/static/pets-2019.pdf](https://www.cs.princeton.edu/~yuxingh/static/pets-2019.pdf)

------
mAritz
If anyone from the inspector team is reading: The audio in the "Installation"
video really should be removed. :-D

~~~
StavrosK
I don't know, I thought the random snot-sucking and throat-clearing gave it a
nice, relatable quality.

------
samfisher83
Why is their python app mac only? I guess it probably works on linux or
mindows too. Wish they tell you what the main starting class was.

~~~
aetimmes
Because they're interacting with network stacks using OS-specific interfaces.

    
    
      def enable_ip_forwarding():
    
          os_platform = utils.get_os()
    
          if os_platform == 'mac':
              cmd = ['/usr/sbin/sysctl', '-w', 'net.inet.ip.forwarding=1']
          elif os_platform == 'linux':
              cmd = ['sysctl', '-w', 'net.ipv4.ip_forward=1']
    
          assert subprocess.call(cmd) == 0

~~~
TheRealPomax
Ah, that good old "all of US use macs, so we have no reason to make it work
cross platform". "Aren't you making this for people to find IoT devices?" \-
"Yes?" \- "Isn't probably more than half the student body _not_ on apple
computers?"

~~~
aetimmes
In my experience, the % of students at Princeton using Apple computers is
definitely north of 50%. However, given that they're students, I doubt they're
the target audience for this utility, since they're likely not homeowners (if
they're living in dorms, they likely don't have that many IoT devices to be
worried about).

The target audience is likely "privacy-minded technically capable home network
owners", a significant proportion of whom likely skew towards Apple products.

~~~
kkarakk
>The target audience is likely "privacy-minded technically capable home
network owners"

why would you use apple if you're technically capable? locked down linux would
be waaaay more secure(and give you waaaaay cheaper options)

~~~
bryan2
> privacy minded technically capable network home owners

Uploads all data to Princeton’s servers.

------
skvj
Great idea, however would be great to see an option which used the dataset but
did not upload your data.

I've read the "FAQ Why must IoT Inspector upload the data to Princeton?" and
do understand the reasons for data collection, maybe once it reaches a data
saturation point this new option could be introduced (I believe there is a
“Start/Pause Inspection” button but that seems to only temporarily pause
collection).

Naturally, there's going to be some reluctance in using and deploying a tool
that uploads data to an outside party.

------
mountsbay
From the website: "[2018-04-13 13:32 ET] We're still under heavy load. To
reduce the likelihood of the Gateway Timeout error, we've reduced the refresh
rate of the data -- i.e., information about your devices will be updated
roughly once every minute (instead of once every 15 seconds previously)."

------
cstuder
Including a nice and extensive FAQ on how they collect data: [https://iot-
inspector.princeton.edu/blog/post/faq/#data-priv...](https://iot-
inspector.princeton.edu/blog/post/faq/#data-privacy-and-security)

------
rkagerer
Uses ARP Spoofing to capture data
[https://en.m.wikipedia.org/wiki/ARP_spoofing](https://en.m.wikipedia.org/wiki/ARP_spoofing)

------
TheRealPomax
Whoever made this site needs to spend just those few minutes more to ensure
that images, one of the most basic HTML elements, actually work with a script
blocker (wisely) turned on.

