Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
I have this old TP-Link smart lightbulb, it’s the only thing that’s IoT and on WiFi in my house.
Looking through pfBlocker logs for fun, and noticed it’s been trying to connect to the Tor network.
Oh! Also, it’s been uploading and downloading 100+ MB of data a day.
It's just an NTP pool. The device is trying to update it's time. Likely it made many other requests to other servers when this one didn't work.
Maintaining up to date lists of anything is a game of whack a mole, so you're always going to get weird results.
If you're actually unsure, pcap the traffic on your pfsense box and see for yourself. NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.
That said, I'd still agree with the other poster about local integration with home assistant and just block that sucker from the Internet.
NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.
Wait, it is? Pretty sure chrony.conf has some auth stuff in it.
Authentication != Encryption
Right.
Destination port 123/udp isn't Tor. That's NTP.
You're the one that connected an impossible-to-security-update device to the internet. You can do plenty of home automation without it needing to be that way, if you're open to a little more setup being involved in the process.
It's on it's own VLAN from the beginning. Wanted to poke around but never got to it.
I still have it connected, want to use for practice.
Good on you. I use the poor man's VLAN--guest Wi-Fi network to isolate my IoT devices.
I hope you update the post with any info you find.
Will do. It's part of a long list.
Don't know my ADHD will hyper focus on it tho haha
I have no idea of all the details, but in legal terms this is called "res ipsa loquitur" -- in this case, the fact that it clearly seems compromised is pretty solid evidence that it wasn't immune to compromise.
Expected since TP-Link stopped updating them shortly after release.
Your house heard about the dark web and thought it needed some light.
TP-Link is trash. Avoid at all costs.
I went to ask nicely for help from their support department and got a development build for one of their routers. Not only was it an ancient version of OpenWRT with the myriad of unpatched vulnerabilities, but it had absolutely dumb/weird configurations like the Wi-Fi password being a user account password exposed to a patched up SSH daemon with shell /bin/false. Just a whole lot of why and an obvious lack of care put into the software.
Their devices function... Most of the time. That's about all that's redeeming.
Thats why my Smart Home is build on Zigbee. (Yeah VLANs and so on, but so many clients still makes your wifi worse)
I'm installing a new Wi-Fi setup soon and I will be putting all of my iot devices on an iot network that is segmented from my main wifi.
I will also be jailbreaking them from tuya and running a local home assistant.
Bit of a hassle but it's a fun experiment to get my "smart" home set up just for me.
The thing is it still impacts the other Wifi Channels and Networks (or at least those on the same band, guessing mist IoT uses 2.4GHz) even tho other Channels are used.
But, i see the appeal, since most smart home devices you can get cheap are Wifi connected. Hope that changes with the ESP32-H2 and -C6. Those are relatively recently released.
Wifi is just such a heavy proticol for just sending sensor data and some commands around, imho.
It doesn't affect it that much. It's very easy to separate out the bands and to put your iot devices far away from your regular Internet devices.