Announcement

Collapse
No announcement yet.

Princeton IoT Inspector

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Princeton IoT Inspector

    Princeton has created an app that "tracks the data that each smart device in a house transmits — and who receives it". https://iot-inspector.princeton.edu/. I don't have a Mac so will have to wait for a linux or Windows version. If someone that has a Mac can try it, would love to hear how well it works.
    HS 3.0.0.548: 1990 Devices 1172 Events
    Z-Wave 3.0.1.262: 126 Nodes on one Z-Net

  • #2
    I might give it a try. That's exactly the reason I bought used mac Pro. Using mostly windows on it with bootcamp but when Mac OS with hardware is needed for testing or tweaking Apple TV I just boot into Mac OS.

    On the other hand it looks like you won't have to wait too long.. :-)

    [2019-04-24 09:40 ET] The Linux version will be released this week. The Windows version will be available early next month.

    Comment


    • #3
      I've set this up last night on a Rasberry Pi.

      It uses ARP spoofing and scans your network, then with your approval, sends the stats to princeton.edu.

      It found everything, and already revealed some interesting info. A digital picture frame that is not setup for remote upload talks to a French IP address several times an hour. Amcrest cameras not setup to upload video to the cloud talk to AWS servers every few minutes anyway.

      Setup was pretty easy on Debian, but it really installs a lot of software which makes you wonder about trust and vulnerabilities with the IoT-Inspector sw itself. Clearly theyre collecting and aggregsting your device behaviors for a study by centralizing the data in their hands. The web charts are running on Princeton controlled platform. This is not a self-contained scan tool that keeps your data at home.

      Comment


      • #4
        Originally posted by dzee View Post
        I've set this up last night on a Rasberry Pi.
        Thanks for the report. I'm still waiting for the windows version which seems to be delayed from the date they had promised to release it.
        HS 3.0.0.548: 1990 Devices 1172 Events
        Z-Wave 3.0.1.262: 126 Nodes on one Z-Net

        Comment


        • #5
          I've signed up to be notified of the Windows version too, but it's probably only going to be a service running under Windows. The software has no user interface. When it starts, it scans and immediately uploads data for aggregation. They give you a web link and the first thing you have to do ON THEIR SITE is accept terms and choose which devices are to be monitored. It may then send an OK to the IoT-Inspector install to upload data, but the data was there so fast after I accepted terms, to me it seemed the data must have been sent to their database first, otherwise how could I see all devices and choose to monitor them so fast?

          The site provides interesting info, but the graphs are more eye candy than helpful. The real interesting stuff is revealed in two text reports.

          For what it's worth, I wonder if the Windows version will ever emerge, because this software does a lot of "hacker-like" things to get the data, and it may be tricky to get it to run under Windows without triggering firewalls and other security bells and whistles.

          The arp spoofing it uses effectively makes it a man-in-the-middle (probably a proxy) between your IoT devices and their legitimate end-points - like WireShark. Because it is pushing traffic to the cloud like the IoT devices it's monitoring, it becomes a question of who's watching the watcher? I'm a bit uncomfortable leaving this running on my network. It's all in how much you trust Princeton.edu (my guess is this is a graduate student project, but what happens to the data later?)

          I don't think I'm going to run this long-term, but I'll give it a few days before shutting it down. I might light it up again if I add new IoT devices.

          A few things I've learned already:
          • Amazon Echos, Harmony Hubs, and a few other common IoT devices don't encrypt their traffic. IoT-Inspector says it doesn't actually monitor the content of the packets (just the routing), but you're effectively installing a product that could see authentication and API keys for IoT platforms. If anything, you want to be sure to get the IoT-Inspector code from a reliable source and not a 3rd party site where it could be modified for malicious purposes.
          • Roku devices hit a lot of advertising sites. If you're planning on setting up a Raspberry Pi and Debian to run IoT-Inspector, set up another and install Pi-Hole then set your DNS for every device in your home to it, including the Roku devices. The Pi-Hole sends all DNS requests for ad sites into a black hole (hence the name) and strips them from your web browsing, too.
          • If you have an IoT device that can run locally with HS3 and you've never setup (or disabled) its cloud-communications capabilities thinking that will keep its traffic within the confines of your LAN, you're probably fooling yourself.

          Comment

          Working...
          X