Sunday, April 24, 2022

Between a Rock and a Hard Place

That's where ALL Insteon users find themselves.

I've had a good ride with Insteon. Until April 15, 2022.

I'll let you read Stacey on IoT's coverage. And even SmartLabs' feeble and belated attempt at explaining.

Where that leaves me and 1000s of other Insteon users is that their in-house equipment is fine but crippled due to being down for the count.

So, where do I go from here? There are several organizations out there trying to help.

But let's think about those solutions. They all cost a couple of $100s. And when you're done, you still have the Insteon switches and plugs which you can no longer buy and the Insteon hub which you can no longer buy. And the solutions put a server in your house that you have to support and maintain.

That's the Rock.

Then there are the alternatives. These mostly consist of Wi-Fi switches and plugs but depend on a cloud service.

What do you do if/when the cloud service goes away like Insteon did?

That's the Hard Place.

My decision is "Less is More." I'm going with Wi-Fi switches and plugs with no hub and server in the house. At least there are less moving parts.

And I plan to use Amazon Echo to create the automation schedules and routines. That gives me one degree of separation from the Wi-Fi switch and plug vendor's cloud service.

Sunday, April 10, 2022

Don't Believe Everything You Read on the Internet

I guess the title of this post is obvious but from time to time I just have to repeat it.

You'll remember that I'm a big fan of Wyze. But that doesn't lower my expectation of them.

The Verge did a "The Sky is Falling" story on Wyze's v1 camera. Incidentally, Wyze stopped selling them in 2018. They continued supporting it until January 2022.

The security research firm Bitdefender discovered a vulnerability in the v1 camera in March 2019. For some unclear reason, Bitdefinder didn't go public with this after a responsible time. Nor did Wyze share the vulnerability with it's customers.

Then the media started piling on. Read some here.

Even my favorite security podcast featured the vulnerability as "Not So Wyze."

Squarely in the doghouse this week is WYZE whose super-popular webcams have problems which are just as serious as those of the company itself... and, oh!, the authentication bypass details, which I'll share, are SO wonderful!

But don't stop listening there. Listen on to 1:31:12. Someone in the chat room asked "Would it be safe to use a Wyze cam v1 behind a firewall?" Steve answered "I think so. ... The threat model is that you might have mapped a port through it so that you had access to the camera directly, remotely ..."

Listen folks, if you have mapped a port through your firewall to your security camera, you get what you deserve.