this post was submitted on 26 Jan 2024
168 points (88.9% liked)

Privacy

31942 readers
799 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I have this old TP-Link smart lightbulb, it’s the only thing that’s IoT and on WiFi in my house.

Looking through pfBlocker logs for fun, and noticed it’s been trying to connect to the Tor network.

Oh! Also, it’s been uploading and downloading 100+ MB of data a day.

you are viewing a single comment's thread
view the rest of the comments
[–] mozz@mbin.grits.dev 25 points 9 months ago (1 children)

You're the one that connected an impossible-to-security-update device to the internet. You can do plenty of home automation without it needing to be that way, if you're open to a little more setup being involved in the process.

[–] errorlab@lemm.ee 17 points 9 months ago (3 children)

It's on it's own VLAN from the beginning. Wanted to poke around but never got to it.

I still have it connected, want to use for practice.

[–] henfredemars@infosec.pub 6 points 9 months ago* (last edited 9 months ago)

Good on you. I use the poor man's VLAN--guest Wi-Fi network to isolate my IoT devices.

[–] schwim@reddthat.com 5 points 9 months ago (1 children)

I hope you update the post with any info you find.

[–] errorlab@lemm.ee 5 points 9 months ago

Will do. It's part of a long list.

Don't know my ADHD will hyper focus on it tho haha

[–] mozz@mbin.grits.dev -1 points 9 months ago (1 children)

I have no idea of all the details, but in legal terms this is called "res ipsa loquitur" -- in this case, the fact that it clearly seems compromised is pretty solid evidence that it wasn't immune to compromise.

[–] errorlab@lemm.ee 3 points 9 months ago

Expected since TP-Link stopped updating them shortly after release.