Don't automatic pet feeders run on timers? And vacuums run on a timer + sensors? And thermostats run on a timer + sensors? I'm not seeing why any of those would be on a network, much less the Internet. In order to put them on a network in the first place, you'd need to have a way to configure it locally (e.g. bluetooth), so why wouldn't you just set schedules there? The whole point of automation is that you set it up once (like when you open it) and then never touch it again. Again, best practice would be to never connect it to a network at all.
The AirBnB use-case seems fair enough. I'll still maintain that having devices connect to hostile C&C servers (which is the current status quo) is not a basic best-practice or an incremental improvement. The recent story about inverters being bricked by a distributor demonstrates why. Literally damaging electrical infrastructure (which is what happened) is one of the the boogeymen used to push for better security, and can put people's lives at risk. That attack should have never been possible.
> Don't automatic pet feeders run on timers? And vacuums run on a timer + sensors? And thermostats run on a timer + sensors? I'm not seeing why any of those would be on a network, much less the Internet.
The ones that are on the internet also allow you to trigger them remotely, monitor status, trigger automatically based on geo-location, etc.
Are you trying to say that people could do things another way? Of course they could. But they aren't. They are buying IoT devices, because they like the features.
Personally, I like to set my turn my thermostat off of the eco temperatures before I go home, which is not at the same time every day. I don't think this is a strange use case.
Also, I like to trigger my vacuum remotely when I'm already out of the house. I don't leave the house at the same time every day, so I don't have it set on a timer. I could turn it on before I leave, but I don't really want it trying to roll out the door or bump into me while I'm putting my coat and shoes on.
Again, your critique here seems to be your own person dismissal of these features, which really isn't relevant. Other people buy and use them.
It's more that if you are at all concerned about security, then by far your biggest threat to worry about is the provider of cloud services, so that needs to be your starting point. In practice, any home network in the last 20 years is behind a firewall that blocks incoming connections unless you go out of your way to open the firewall/forward ports, and will be secure from other attackers by default. There's no point in discussing security if your threat model is completely wrong.
It's not random hackers in Russia that rendered people's solar setups inoperable. It's the inverter company using their backdoor. Ubiquitous backdoors and pre-bundled malware are the top security problems in the industry.
> It's more that if you are at all concerned about security, then by far your biggest threat to worry about is the provider of cloud services, so that needs to be your starting point.
I don't necessarily agree with that. The most widespread and issues to hit people in the US in recent years are not malicious cloud providers, but credential stuffing attacks against otherwise legitimate and reputable services.
> In practice, any home network in the last 20 years is behind a firewall that blocks incoming connections unless you go out of your way to open the firewall/forward ports, and will be secure from other attackers by default.
Right, the instructions with those legacy IP cameras instructed users to open ports to access them remotely.
> It's not random hackers in Russia that rendered people's solar setups inoperable. It's the inverter company using their backdoor.
Yeah, that's a problem. But probably not addressable through this program. There's nothing a voluntarily labelling program can do to protect you from a vendor that wants to fuck you over. One would presume a bad actor would simply: not volunteer to give up their ability to be bad.
Protecting customers from vendor abuses is not just a cybersecurity problem, it's a warranty and contract problem (or criminal fraud problem), and is probably better handled that way.
The AirBnB use-case seems fair enough. I'll still maintain that having devices connect to hostile C&C servers (which is the current status quo) is not a basic best-practice or an incremental improvement. The recent story about inverters being bricked by a distributor demonstrates why. Literally damaging electrical infrastructure (which is what happened) is one of the the boogeymen used to push for better security, and can put people's lives at risk. That attack should have never been possible.