Smart Homes Keep Getting Hacked! Secure Your IoT With These Simple Steps
ฝัง
- เผยแพร่เมื่อ 28 พ.ค. 2024
- Sponsor: Special thanks to DeleteMe for sponsoring this video! Go to joindeleteme.com/MorseCode * and use the code SNUBS for 20% off any plan! Learn more about DeleteMe’s security practices here: joindeleteme.com/security/
Becoming a Morse Code Member by checking out the perks linked here!:
/ @shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
SUBSCRIBE! 🌸 th-cam.com/users/ShannonMorse?s...
TWITTER 🌸 / snubs
Patreon 🌸 / shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
SUPPORT MY WORK
Patreon 💛 / shannonmorse
Buy Me a Coffee 💛 www.buymeacoffee.com/snubs
Shop 💛 snubsie.com/shop
TeeSpring 💛 teespring.com/stores/morsecode
Coupon Codes 💛 snubsie.com/support
Tech I Use & Recommend 💛 kit.co/ShannonMorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
FOLLOW THE SOCIALS THINGS
Twitter 🌸 / snubs
Instagram 🌸 / snubs
TH-cam 🌸 th-cam.com/users/ShannonMorse?s...
Website 🌸 www.shannonrmorse.com
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
TECH I USE AND RECOMMEND
My Kits, Builds, and Must Haves ✨ kit.co/ShannonMorse
My Amazon Influencer Page ✨ www.amazon.com/shop/shannonmorse
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
MY OTHER SHOWS
ThreatWire 🌙 th-cam.com/users/hak5?sub_confi...
Sailor Snubs 🌙 th-cam.com/users/sailorsnubs?s...
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
GET IN TOUCH
Mail ✈
snubsie.com/contact
Email for Business and Sponsorship Inquiries ✈ Shannon@ShannonRMorse.com
My Media Kit ✈ snubsie.com/work-with-me
Sponsor This Channel ✈ snubsie.com/shannon-morse
Music from 🎵 Epidemic Sound: www.epidemicsound.com/referra...
💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜💜
😍 FTC DISCLAIMER 😍
Affiliate links listed above allow me to receive a small commission. Any sponsorships for videos are noted in video and listed in descriptions. Any products provided as gifts are listed above. Thank you for your support!
Comment section code of conduct policy:
Constructive feedback is appreciated, but please leave unproductive, divisive and harmful conversation at the door. Hateful comments are not tolerated, and these kinds of messages will be automatically removed. Thank you for making this community a welcoming experience for all viewers :)
snubsie.com/code-of-conduct - วิทยาศาสตร์และเทคโนโลยี
Full home network security video, definitely.
I want a video on network security. I use home assistant and think mine is pretty safe. I’d love your input
Are you using 2FA on Home Assistant? Sadly they don't advertise the feature but I've been using it for quite a while.
How do you feel about home assistant monetizing the cloud feature, making it also really a lot harder to reverse proxy your own home assistant cloud to bypass there monthly fee? Just a little rant here but I'm tired of paying them lol I want my reverse proxy to work for home assistant as well. And also, 2fa for life 🤣
@@Pr0toPoTaT0 Nabu Casa does not make it harder for you to run your own reverse proxy. By definition giving away free and accurate instructions is making it easier to do it yourself. If you need help setting it up let me know.
@@jmr No major need for 2FA if you do not allow access to your HA server over the internet. If you keep it secured behind your firewall then the attacker needs to already be on your network. If they are already there then the biggest battle has been lost.
@@r2db I assume everything is compromised. 2FA everywhere!
Want to see home network security
have a great day
On it!!
Interested in what brands or companies you would recommend.
I would love to see a full home network security video or even series
Definitely would love to see home network video, thank you for being so smart and being a wonderful and amazing person love the channel. 🤗🤟
I don't really like cameras inside the house - but I have one. It is connected to a "smart" electrical outlet. I only turn it on when I leave the house, then turn it off when I come in the door. I often think about automating this with geofencing but that will be for a different day...
Full home security video would be great!
A video or series of videos on home network security would be great. As they say, knowledge is power.
Thank you for mentioning replacing obsolete network equipment and ensuring the devices are always updated to the latest firmware! Very smart advice.
A home network security vid would be awesome. Also, a collab about your smart home journey would be cool also.
I think Network Segmentation is an important aspect. Separate IoT devices and normal devices
Definitely overlooked Home Assistant and device that support local control.
I am speaking to folks that may be receiving iot devices as gifts or buying them for family for the holidays. But yes, home assistant is great if you are building your own smart home!
@@ShannonMorse rereading my comment it does sound a little short. Much of the other points are great, especially isolating and firewalling IoT devices to their own network. I’m a big proponent of local control. I steer away from cloud only devices. Hopefully Matter/Thread will make that more achievable. I can understand where someone gifting these wouldn’t have a clue. The marketing from companies nowadays is unscrupulous.
1) Tasmota
2) firewall
3) don't allow outbound Internet connections except to specific services (NTP time sync, etc)
yes securing home network and maybe like pihole sounds awesome :)
Full home network security video, definitely. DITTO!
Thanks to Dave Plummer, who uploaded only hours ago, I now know how to correctly configure a VLAN for IoT.
That was a great video! I just watched it yesterday!
Thanks for sharing these security tips. Blessings on your day.
Never watched you before but this reminds me I need to update my pfsense box and finish setting up all my secure vlans.
Yes to the home network security video
I love your rainbow sweater, it matches your hair.
Yes Shannon. I would like to see Your take on home network security.
I would advise that, where possible, use devices which do not require an internet connection but run on the local network. A good example would be a Home Assistant instance with Z-Wave or Lutron Caseta switches, Hue bulbs, and a network of Reolink wired (or wireless if you live in a rental) cameras with an NVR. They all store their stuff locally and interact with each other over the LAN. This means that even if you literally firewall all of them to keep them off the internet, most of their features will still work.
Also if you have a router provided to you by your ISP, send it back and get your own. Not only will you be saving money on their equipment rentals, but most ISP routers are objectively worse in some way than most commercially available routers on the market. Spectrum in particular doesn't even let you manage the router from within its own network. I have TP-Link Decos, for example. Aside from the fact that the 5G failover model isn't available in the US for some reason, Deco is one of the best mesh router ecosystems available.
Yes Shannon, please make a video on network security, thanks, love all you do!
great video! always uploading great content.
First time watching you. Very informative video, I have a Ubiquiti router and over 100 IoT devices connected in my household. This video is very relatable and is a reminder about how important security is.
I can't believe my toilet cam got hacked. I feel so violated.
Great video as always, Shannon! Your channel is a priceless resource for all of us. I also gotta call out the perfectly matching sweater and hair color: Amazing!
Thank you!!
Home network security video, would be amazing
I would recomend use devices what are able to stay full offline too if you not want/need online functions and use it only in local network.
Home Assistant! One app to rule them all!
These are very helpful Shannon! I probably should simplify the 37 smart home apps I have installed.
definitely into the idea of a home network security video!!
Yes please on the Home Security video, Shannon!
Home network security, yes please.
Home network security...Bring it on !!
Yes please on the home network security video!
Good work Shannon
Thank you!
Home network security would be great. Thank you in advance!
Please create a home network security vid!
This is why I avoid commercial and use enterprise for network and CCTV. Sure it costs more and can be vulnerable if misconfigured or left default but worth it if you can manage it
Good general information. Re: devices/clients on the router's admin panel. Some times it is very difficult to ID a device that is connected. Knowing it's IP is one thing. Being able to ID the MAC address (yeah that can be spoofed too) give's you a better handle on what is connected. I use a spreadsheet to ID everything that gets connected to my routers (main and IoT). Any new devices MAC is recorded before they are connected which reduces my confusion. There are programs/apps that let you monitor connected devices as well. Kudos for suggesting a factory reset of all used equipment.
please, I would love a full home network security video!
No one, and I mean no one, could have predicted this. 🤣🤣🤣
Please give us a video on network security
Hi Shannon,
I'd really enjoy a video on Network Security.
What would one do, if the router is ISP-Locked and only the ISP can change everything in the router, for example, Password change or SSID, anything, I have to mail support to change that.
Thanks for your amazing video.
Smart baby monitors having app control is crucial
Full home network security video
Do the full network video
Yes Please!!! Secure home internet!!!
Id like a network security video.
Home network security video ✔
Great video! For the Govee, I use it too and its awesome. I hate brand loyalty for many reasons but I do like Govee's eco.
As for security, I upgraded to Ubiquiti's Dream Router. Its seriously so packed with features for being essentially the same price as those "Gamer" routers.
On firewall rules, would it be necessary or good practice to filter in/out traffic to only the IoT devices remote services?
I do have some filtering set up on my UDM setup, but I was told by a networking friend that sometimes too many filters can "break" the IoT devices, so you have to be careful with it.
Would love to see video on network security. Followed you for years and trust your judgment.
spectrums default passwords have ben crack in full comcast too. Never keep the default from the ISP it my look like no one could guess that weird words combo, but for instance spectrums is adjective animal three numbers not that hard to make a password list from that.
You brought up apps and I’d love to see a video on mobile app tracking, and what data is shared where. Such as telegram making connections to Russia, Iran, Belarus, etc.
And loved this video and absolutely up for more on IoT in the home.
Putting your iot devices on vlans that no other devices are on helps if you have the resources/abilities.
local devices whenever possible, but I'm open to cloud-services when makes sense. But for anything camera, yeah no. I don't want any cloud service for that.
But anything brought in for IoT is local and I feel I have my Home Assistant setup in a pretty secure manner.
This is a big problem with these "smart devices". Does anyone know of a site that reviews these kind of devices from a security/privacy context?
A lot of event he cheaper devices have basic security. Even if it is minimal of a password.
Here is my direct offline observation: Most users are aware of the danger. Most users are ignorant. Most users do not care to turn on and or maintain even basic security.
very nice hair color match your sweater
Hi Shannon I have a question for you or anyone in the community. I have my IoT devices in its own vlan. And it works as expected. Now I want I move some of my self hosted internal services/apps containers to the vlan as welll. Things like Plex and Home Assistant. How do I do this if I need those services to also access my TrueNas shares but I don't want to put my NAS on the vlan? Any help and guidance would be appreciated.
This will come down to what you're using as your firewall to create & manage the VLANs.
But in general, you want to create rules that give specific access. Rules usually process top down, so you could do this for example:
VLAN IOT:
ALLOW outbound from VLAN IoT to TrueNAS
ALLOW outbound from VLAN IoT to Internet
BLOCK outbound from VLAN IoT to anything (this blocks all outbound traffic except the lines above)
VLAN STORAGE:
ALLOW inbound from VLAN IoT to VLAN Storage
BLOCK inbound from anything
BLOCK outbound to anything
These rules may not be exactly what you want, but hopefully the examples help.
Default credentials are a problem
My home was built new as a smart home. I made it dumb because it doesn’t need to be smart, nor does my family :)
Like they say.... in IOT, the S stands for Security.
There is no ecosystem. Only Home Assistant!
This x 42069. I rarely use any smart home apps anymore, and if it requires cloud account, hard pass
Most everything can be hacked, most secure? wired system not connected to lan/wan and a panic button for 911
73 Shannon!
You just need a OpenWRT supported wireless router, that will support VLAN and multipe AP's without breaking the bank!
Here is a security question I haven’t seen an answer for: When using additional layers of protection (Yubikey) without removing other potentially less secure layers (Authenticator or SMS notifications), will your security be less secure?
Please don't use sms for 2fa it is just way less secure than an app
This is a great question! Yes, if you have sms 2fa still on your acct as a second option, then that's less secure than just hardware 2fa. BUT you can set up an authenticator option and switch out your old app for the yubico authenticator app, then set up a hardware key to unlock the yubico auth app. I am going into more detail on this in an upcoming episode.
@@ShannonMorse thanks for your response. I think many people (including me) who add security options, sometimes forget to close previously enabled security options that are less secure or create security loopholes that were not previously there.
Overall you may think your account is more secure, but it really is less secure.
I self-host Habbo Hotel on a Pentium 3 with no Internet connection. Checkmate, hackers.
Video inside house…. Never cover an area where you might feel embarrassed by recording. Assume it could be compromised. Put other movement sensors in bedroom if you feel the need for it, not camera. I have 1 extra camera that i use when my parents want me to keep,an eye on them, sickness etc. and we place it next to the bed,a few feet away. Clearly visible. When not in use it is not powered and sits in box.
8:51 - Sometimes network segmentation like this isn’t even an option since some devices require they be on the same network as your controlling device (such as Chromecast, or Nest and Nest Doorbell _requiring_ this for setup and breaking otherwise, for example). It’s infuriating. It’s possible you can use hierarchical subnets for partitioning (e.g. WAN port of IoT dedicated router connected to a LAN port on your main network), buuuuuut… I feel like that probably gets a bit advanced. Haven’t tried that yet.
A tech called VLAN can help here. You can set up a VLAN with super locked down permissions and another with looser permissions that can communicate with the first VLAN.
Step One: Don't have a "smart home".
Step Two: See Step One.
simple: never use cloud service, just all local and connect via self hosted vpn, downside average people are not capable to setup such system
That's definitely the pro-networking ideal, but I agree with you - I wouldn't want to set that up on my parents network only for them to not now how to fix a problem.
@@ShannonMorse Not about that parents but now the young “engineers” are just landing as managed service operators of a Cloud based firewall, Cloud based VPN or Cloud hosting. Best thing one can do, buy a pack of popcorn and enjoy the weekly data breach reports
Dear Shannon, there are a few companies that promise to erase your internet personal information (Delete Me, Aura, Incogni, etc), would you be willing to do a video and/or share why you chose Delete Me? I sub to a few different tech vloggers and all three mentioned are equally represented. How does one choose? Thank you and happy holidays.
That's a great question! I chose deleteme many many years ago mainly because my cybersecurity industry friends also recommended it and I trust their opinion when it comes to online privacy tools. They've also been around for over a decade so they've got opt outs down to a science at this point.
@@ShannonMorse Thank you.
How do you change a password on a smart life (calex brand) camera? I find NOTHING about passwords or anything. Only thing is "establishing encrypted channel" shows before the feed loads.. But HOW is it encrypted and protected? How? Theres no login or password other thrn smart life app wboch supports 1000s and 1000s of different devices... None of mine so far need passwords
I'm not familiar with this brand. Some brands and manufacturers don't let you change the default password or they have really bad security standards, so I definitely recommend doing some deep research before purchasing.
If you've already purchased. Id suggest getting in contact with them with your questions.
Thank you for spelling out Alexa. It's so annoying when people pronounce the word and my Alexa triggers.
solution 0: don't buy IOT devices 😂 I mean smart IOT ( NOT NECESSARY ONE ! ) router , modem , firewall are essential to our home network.
our parents won't understand management of device ( phone to IOT device ) so we need to educate them importance of management.
full home network crackdown please
Thank you thank you thank you thank you for spelling out Alexa instead of saying it, that way it didn't trigger her. Cause we all know that she gets triggered way to easily, lol.
Would have a lot of fun with them if they tried to hack me...😂
For me cameras and locks will NEVER be in the cloud. Ever. That stuff is kept local as it is sensitive and private. I don't care if my Lights are doing crazy stuff or my blinds suddenly go crazy ... I'll just unplug them/their bridge and fix it. But cameras and even more so locks are security relevant. That data will always stay local - even though I use randomized password, 2FA and so on. I don't trust the companies with that kind of data/control - both security wise and also concerning selling my data.
One of the reasons I don’t like cloud only systems like Ring. Phillips is moving to that as well. When it comes to cameras, needs to be local only because of what was shown in the beginning of this video.
Also, the ease of putting crap on the network is getting ridiculous.
I hate using integrated WiFi routers, especially if it’s provided by the ISP. Just provide an RJ-45 jack and let me use an enterprise grade firewall and wireless system. +1 for Ubiquity, but more importantly, VLANs!!!
tip 1, dont have a smart home
Auto update your devices is not a good thing, even updates can be hacked or be buggy them selves. Always check with the vendor of your modem/router/accesspoints before applying the updates, and do not apply them immediately but check, check and re-check! (I have seen updates being pulled back due to some security reasons and bugs)
your no longer hosting threatwire?
Dont get a smart home! Prob solved...
Smart Homes - NOT. It seems every time the word Smart is added to home electronics it's the complete opposite. Should be called Dumb Homes, you're literally being scammed by tech for being bloody lazy.
I use a professional company. But no cameras in the house
This is a long advertisement by delete me. None of this information is useful
This is old as hell
Can we please have more women talking tech. Tired of the sausage fest most of the time...
There is really only one thing you need to do for smart home security... stop effing putting smart home tech in every room in your home. PERIOD. The garbage you are wasting thousands on is designed to NOT be secure and all that data is for sale. Just freaking stop. Your "convenience" is a cancer to your existence. I am an IT guy and even though you can somewhat harden your local network, you can't harden ANY of the garbage you are installing on it. Give me 15 minutes and I will find a way into your junk. Hint... your network isn't the problem.
I’m interested in your network mention. Ubiquity? I for sure want siloed networks