When you see how the sausage is made you don't want it. Software engineers know how many corners are cut

IoT is terrible, and typically proprietary. I prefer the FOSS and SelfHosted route. But as it turns out, I too prefer a less online set of home items.

I have very minimal smarts in my home. I'm jaded and over it all, and you can guarantee the shitty devs producing this stuff couldn't care less, while working for actively hostile mega-corps.

Fuck that. Having said that, there are compromises - my TV does get out to the internet and I have a win 11 PC in the lounge as the primary machine.

If I had the emotional energy I'd start fiddling with nessus or whatever the new flavour is, to confirm my suspicions but I just don't need the burnout

Can confirm. Technology is a disaster waiting to happen.

Unless you want to live like a luddite, you can find ways to have the best of both worlds.

As a fairly seasoned IT veteran I think it boils down to the tradeoffs between security, privacy, and convenience--just like at work. I'm sure most of us have implemented things in less secure ways to accomodate a business need. When you do that at work, you just try to mitigate that risk as best you can by putting other measures or controls in place. I do that at home.

Everyones tradeoff decision will be different, but at some point, for me, the convenience of some IOT and smarthome devices outweighs the security and privacy concerns. Or at the very least I realized its a weird hill to die on as we use our android phones, google for searches, gmail, instagram, etc. I am sure some of you have completely divested yourself of all of those services and have GrapheneOS installed on your phone and use OpenStreetMaps to get yourself lost. Most of use still use a few of those.

That said, I think the nerdiest and most security privacy saavy among us in the IT field can implement it in a fairly secure way. Pfsense,Ubnt, ofsense,openwrt routers with vlan segregation for traffic. IDS/IPS, pihole local dns, etc. You can absolutely make it so devices only communicate in ways that you approve. With things like VPNs (tailscale), Cloudflare tunnels, etc you can access your stuff securely without exposing any admin things to the public web.

Digital locks are fine, just get one with a mechanical lock too. I have a digital lock on my front door that I can program with keycodes but it also has a key. I can give the cleaners a temp code if I need to. I can give my neighbors a code if they watch the house while I am away for a long time, then I can get expire it when I return. The analogue alternative is arguably less secure.

That is basically my requirement for smarthome or connected devices. I need to be able to control it to a level that I feel comfortable and if it fails or isn't connected it still needs to work. IE no smart light switches that don't function if the wifi is down--they still need to be a switch. My nest thermostat still works without wifi. My smart plugs still work without wifi. If any of those things was hacked or compromised, they are completely segregated from anything of actual value on my network--and depending on the device it wouldn't be able to see anything else at all.

For major appliances, I dont see the value of any 'smart' features built in (yet), so I won't be buying them anytime soon but if I did they'd still have to meet the "still needs to work in 'dumb' mode" requirement--smart, connected features are extra not required to function.

I work in retail, which is the reason why my house is shit.

Your network is only as secure as it's weakest link, IoT devices are a liability unless they are on their own isolated network and who has the time to set that shit up to open their blinds from a phone?

DDI engineer here. I use smart home stuff. Fully kitted out locks, cameras, Google home, smart lights, etc. that said, I also use pfsense, a dmvpn, and run a private caching name server. If someone hacks into my shit, then I deserve it and will learn from the experience. Also yes, I know the Google home, smart tv, FBI, and the Zoroaster prophet are listening to me, and no, I don't care.

Goddamn right.

Actually, I hadn't thought about the router and I'm panicking now. My router is some MR9600, and the speeds through it are great, but I feel like I over paid for something that I can't install my own firmware on. I think my pi.hole is the DCHP anyway, and now I'm really thinking I need to find a new router

IT since the 90's.

I have all those things and more, and 6 seperate VLAN's with isolation, strong rules, alerting and honeypots in all the right places.

My strategy is just be unpredictable af. Use FOSS as much as possible. Dont use google services except maybe google maps. Make an active effort to decouple accounts. Treat phone number 2fa like the plague.

My entire family, 20+ people, multiple generations, are pretty much all CS/engineers. We all have smart home shit that depends on wifi etc.

I have smart lights because I like the light to get warmer throughout the day but that's it, does anyone have a foss solution? Google is unhelpful.

Sr IT engineer here. I've somehow come full circle and now have an entire smarthome setup. It's running on a IoT network so it can't see my other devices, but I'm sure that some poor Amazon employee has to watch me walk around in my underwear from my robot vacuum camera. I just don't care anymore.

Maybe. I'm in cyber security, people tell me I'm pretty decent at it. I have smart everything in my house, but I also use opnSense in my hardware router, have a span port to Security Onion and laugh at the logs, repurpose old desktops as servers for media or whatever, keep most things local except for a few backups, and have battery/UPS backups for my intranet and critical systems.