Making My Home Slightly Smarter

Ahmed Musaad
Ahmed Musaad
Making My Home Slightly Smarter

I have been working from home for the better part of last year, and it was starting to get on my nerves. I needed some new shinty object to distract me from the current depressing reality, and what's more shiny than a light that can change it colours following the music playing on your phone?

I am a security engineer, it's part of my daily job to assess technical risks and provide proper advice on controls and mitigations to these risks, this extends to my personal life as well where I try my best to apply the same principles when dealing with technology. In this post, I will tell you about how I added a couple of smart devices to my home and how I managed some of the risks they pose to my privacy and security.

If you ever thought about buying some smart devices for your house, there is a good chance you read/heard the following joke:

Tech enthusiasts: My entire house is smart.

Tech workers: The only piece of technology in my house is a printer and I keep a gun next to it so I can shoot it if it makes a noise I don't recognize.

Many people both within the security industry and outside it share this sentiment against smart home gadgets and justly. Internet of Things devices are horrible when it comes to security and privacy, and that's putting it nicely.

Millions of homeowners exposed after smart-home camera leak
Wyze Labs, a startup that makes smart home cameras and other home security devices, has confirmed a data breach that may have exposed 2.4 million customers
Security researchers expose new Alexa and Google Home vulnerability
Security researchers have disclosed a new vulnerability affecting both Google and Amazon smart speakers. Both could allow a hacker to use them to eavesdrop on or even phish an unsuspecting user.
Apple’s Siri violated ‘the privacy of millions,’ says whistleblower
In 2019 news broke that Apple contractors were listening to users’ Siri recordings without their knowledge or consent, but the company ‘has not been subject to any kind of investigation’

Any person with a reasonable common-sense and good threat modelling / risk management knowledge will recognize the considerable risks they would be introducing to their homes once they adopted one or more of these smart devices. However, just because a risk exists, don't mean we should all give up on the potential benefits.

Why?

I was bored. I have been working from home for the better part of last year, and it was starting to get on my nerves. I needed some new shinty object to distract me from the current depressing reality, and what's more shiny than a light that can change it colours following the music playing on your phone?

What?

So, turns out smart devices aren't cheap by any means which led me to look for the most affordable options out there, here is what  I ended up using:

  • A Google Nest Mini (got it as a gift from Google but never used it).
  • Ikea smart lights and their bridge (probably the cheapest smart lights around).
TRÅDFRI Set med gateway, vitt spektrum, E27 - IKEA
TRÅDFRI Set med gateway - vitt spektrum E27. Enkelt att komma igång med ett TRÅDFRI smart set som innehåller gatewayen, fjärrkontrollen och 2 E27 LED ljuskällor (stor sockel) med vitt spektrum. Kan enbart användas med produkter inom IKEA Smart belysning. Standbyförbrukning: 0,5W.

How?

The setup process for these lamps is quite straight forward, just watch the video below, and you will get a good idea of how it works.

I did a couple of extra steps for the sake of security:

  • I forced the traffic from the gateway through my PiHole server.
  • I isolated the gateway and prevented it from reach other devices on the network except for my phone.

Once I was done with these things, I coupled the lights to my Apple HomeKit application and started enjoying my new fancy, smart light.

The Result

Well, turns out these lights aren't as fun as I expected. They have a limited colour spectrum (I knew that when I bought them). They are a bit unstable and don't work smoothly all the time.

  • Do I regret buying them? Absolutely not.
  • Will I buy other models that have more colours? Yup.
  • Is there any technical value in this post? Most likely not.

One thing I know for sure, I will do some IoT security testing using these lamps just for the sake of learning more about the topic.

PS: I tossed the Google Nest Mini off my network, good sound isn't worth giving Google more information about my activities.


Cover Photo by Dan Farrell on Unsplash



Great! Next, complete checkout for full access to Ahmed Musaad
Welcome back! You've successfully signed in
You've successfully subscribed to Ahmed Musaad
Success! Your account is fully activated, you now have access to all content
Success! Your billing info has been updated
Your billing was not updated