14 DAY TRIAL // The Guardian Project, Home Assistant, and the Tor Project have unified their forces to create and power a new security system that's capable of protecting Internet of Things (IoT) devices.
The basic principle behind this new system is to funnel all the data traffic from the device to its end user or master update servers via a TOR connection, instead of using the public Internet.
The new system is actually the Home Assistant platform running a special Tor Onion Service Configuration that provides secure and remote access to your IoT device.
The whole system runs on a Raspberry Pi board
Users only need a Raspberry Pi device (or similar) to run the Home Assistant software. This, in turn, will run a Tor configuration, which, in a simplified explanation, sets up a special Onion site on the device.
Remote users who want to access the IoT device will need to know the Onion link to the Home Assistant software first, which will then relay the connection to the actual IoT device, working as a proxy.
The advantages of using such a system are palpable, for both users and IoT vendors, who might be interested in embedding such technology into their devices by default.
No more Shodan scanning for exposed IoT devices
First off, there's no need to complicate software development with setting up complex SSL/TLS certificates for supporting HTTPS connections, since all Tor connections are encrypted by default, with several layers of encryption (Onion protocol).
Secondly, users don't need to uselessly open firewall ports or use VPNs to access their IoT devices. All connections will go through the Tor hidden network, and nobody will know to what you're connecting. It could be your IoT baby cam at home or a drug marketplace. It's anyone's guess.
Scanning Tor-protected IoT devices is technically impossible. This means no more searching for vulnerable IoT devices via Shodan and blindly stumbling upon vulnerable equipment.
Securing IoT devices is a top priority
"Too many 'Things' in our homes, at our hospitals, in our businesses and throughout our lives are exposed to the public Internet without the ability to protect their communication. Tor provides this, for free, with real-world hard ended, open-source software and strong, state of the art cryptography," says Nathan Freitas, Executive Director of the Guardian Project.
Below is a video presentation of the new Tor IoT protection system by Nathan Freitas, Executive Director of The Guardian Project, and contributor to the Tor Project.
Our readers can also find more details in this Internet of Onion Things presentation.
BOOM! A @Raspberry_Pi hosting yr Internet of Things--now encrypted behind a Tor onion service. Go, @guardianproject! pic.twitter.com/hXweVyM2da — torproject (@torproject) July 20, 2016
