[Upcycle It] WiFi Connected Smoke Detector #9: WannaCry and IoT security

Sonoff POW order arrived

This week started pretty good as I received my order of Sonoff POW WiFi Switch with Power Consumption Measurement. It was the last piece I wanted to use in my system to demonstrate that I can improve home safety by acting on an alert from a smoke detector by shutting down connected appliances.

The out of box firmware doesn't provide MQTT connection and creates a lot of Internet network connections as discovered in the following blog post "How to hack free your Sonoff RF without soldering". I've turned down this option.

I've start reading about Sonoff ESP8266 programming options. TASMOTA project seems the most straightforward one for Sonoff devices. This Arduino sketch is an Open Source project. It has a lot of recent activity, documentation, videos and it comes with MQTT support,

I've installed required software and packages. I've updated user_config.h with mt WiFi parameters and other settings. Arduino IDE verify and build failed initially, but after some debugging and files movement the compilation was successful. Unfortunately my USB-to-TTL sopped functioning without any warning signs.I'll try to use my Arduino UNO as USB-to-TTL adapter as described in this 1 minute video.

Thoughts after WannaCry

WannaCry impacted significant number unpatched Windows PC worldwide.

The number of IoT internet connected devices will be significantly higher then the number of PCs.

There is a lot of questions in relation to IoT security. The negative impact of breaches in IoT may be comparable or even bigger then from WannaCry. Recently these IoT devices have been exploited for DDoS attacks.Once these devices become more widespread with a common core they may be exploited much more frequently.

1. Who is managing patches for IoT devices? Based on my previous blog even Intel is not necessary keeps supplied Intel Edison packages up-to-date.
2. How long they will be supported? Windows XP been released 16 years ago, but still requires patches.Do you think TASMOTA project will be supported in 5 years? It has only one contributor at this point.
3. How can I validate chain of trust of libraries, firmware and toolchain used to build it? What kind of secure software development practices were followed in the process of building them? TASMOTA relies on ESP SDK which is partially closed.
4. What I can do to minimize risks of increasing secure attack vector on my IoT infrastructure in my home, which I'd like to make safer by introducing WiFi Connected Smoke Detector? Does it still make sense?

Many questions but one answer

I have very little power to control the top three points. But I may be able to control the last one. And the answer came from CBC Radio program Spark. One of the guests recommended to connect to the Internet only what needs to be connected. it can be achieved by applying network isolation, where the network gets split in several zones as described in the following paper.

I start looking if I can introduce this notion of network zones on my Intel Edison IoT gateway. I was thinking about using it as an edge gateway, where on one side it plays a role of Access Point (AP mode) for IoT devices like Sonoff and WiFi smoke detector, And on other side it is a WiFi client (STAtion mode) so it can communicate with Slack and Cronitor. But it is not possible now as Edison radio "Broadcom  module does not support STA/AP concurrently" as described in Intel Edison WiFi Guide.

At this point I can use a separate router (or create a separate net on my router) for IoT devices and Intel Edison gateway, where only the gateway has access my home network and internet. Another option is to add WiFi USB module to Intel Edison, so it will get two network interfaces one for each network.