Falsehoods Smart-Device people believe about Home Networks

A few years ago someone posted a great article about the bad assumptions programmers make about names; here’s a similar list about assumptions about home networks and smart devices.

We all remember the excellent Falsehoods people believe about names, don’t we?

Having lived with a few smart devices sharing my network for a while, I thought we needed a similar one about smart devices and home networking.

Items marked with a * were contributed or inspired by @davidmoss

  • The WiFi is always available
  • The WiFi is continuously connected to the internet
  • The WiFi network isn’t hidden
  • The WiFi network isn’t restricted by MAC address, so MAC addresses can be hidden from the user
  • The WiFi network doesn’t use strong authentication like WPA2
  • The WiFi network definitely doesn’t use authentication mentioning the word ‘Enterprise’
  • The user knows the exact authentication type in use for the WiFi, so no need to auto-detect it*
  • There is only a single WiFi network
  • The name of the WiFi network is ASCII*
  • There is only a single access point for the WiFi network
  • Any device connected to the home-network is trusted to control the smart devices on it
  • Smart devices and their controllers are on the same network
  • Devices on the network can connect directly to each other
  • The network is simple, and doesn’t use other technologies such as powerline [1]
  • All networks have a PC type device to install/configure/upgrade devices (and that device is running Windows)*
  • There is always a DHCP Server*
  • Devices will always get the same IP address on the internal network from the DHCP server
  • DHCP device names don’t have to be explanatory, because nobody ever sees them
  • Devices can have inbound connections from the internet [2]
  • The network is reliable without packet loss
  • The connectivity is sufficient for all devices on the network
  • The performance characteristics of the network are constant and don’t change over time
  • The Internet connectivity isn’t metered, and there’s no problem downloading lots of data
  • Encryption of traffic is an overhead that isn’t needed on embedded devices
  • Predictable IDs like Serial-Numbers are good default security tokens
  • Unchangeable IDs like Serial-Numbers are acceptable security tokens
  • The device won’t be used as a platform for attacks, so doesn’t need to be hardened against threats internal and external to the network [3]
  • Devices can be shipped and abandoned. They won’t be used for years, and so any future software vulnerabilities can be ignored
  • IPv6 is for the future, and doesn’t need to be supported [4]

What have I missed?

  1. These should be layer 2 transparent, but they can disrupt multicast, which can break Bonjour
  2. Aside from security implications, ISPs are moving to carrier-grade NAT to work around IPv4 address exhaustion, so inbound ports may not be possible
  3. Many devices have a pretty complete Linux stack, at least complete enough for attackers to use
  4. Chicken and egg, this one
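
Several of the WiFi items in the list above (hidden networks, WPA2, 'Enterprise' authentication, auto-detecting the authentication type, non-ASCII names) can be handled from the beacon data a device already receives during a scan. The Python below is an added example, not code from the original post; the function names and sample beacons are constructed for illustration, and it assumes the RSN element carries its AKM list.

```python
OUI = b"\x00\x0f\xac"  # OUI of the standard 802.11 cipher and AKM suites
AKM_NAMES = {1: "802.1X (Enterprise)", 2: "PSK", 5: "802.1X-SHA256 (Enterprise)",
             6: "PSK-SHA256", 8: "SAE"}

def parse_ies(blob):
    """Split a beacon's tagged parameters into {element_id: payload}."""
    ies, i = {}, 0
    while i < len(blob):
        if i + 2 > len(blob) or i + 2 + blob[i + 1] > len(blob):
            raise ValueError("truncated information element")
        ies.setdefault(blob[i], blob[i + 2:i + 2 + blob[i + 1]])
        i += 2 + blob[i + 1]
    return ies

def describe_network(blob):
    """Report SSID and authentication from scan data instead of asking the user."""
    ies = parse_ies(blob)
    ssid = ies.get(0, b"")               # element 0: SSID, 0-32 arbitrary octets
    if len(ssid) > 32:
        raise ValueError("SSID longer than 32 octets")
    try:
        label = ssid.decode("utf-8")     # often UTF-8, but not guaranteed
    except UnicodeDecodeError:
        label = ssid.hex()               # display only; join using the raw bytes
    auth, rsn_ie = [], ies.get(48)       # element 48: RSN (WPA2/WPA3)
    if rsn_ie is not None:
        # version(2) group cipher(4) pairwise count(2) + list, AKM count(2) + list
        off = 8 + 4 * int.from_bytes(rsn_ie[6:8], "little")
        count = int.from_bytes(rsn_ie[off:off + 2], "little")
        if len(rsn_ie) < off + 2 + 4 * count:
            raise ValueError("RSN element without a complete AKM list")
        suites = [rsn_ie[off + 2 + 4 * n:off + 6 + 4 * n] for n in range(count)]
        auth = [AKM_NAMES.get(s[3], "AKM %d" % s[3]) if s[:3] == OUI else "vendor AKM"
                for s in suites]
    return {"ssid": ssid, "label": label, "hidden": not any(ssid),
            "auth": auth or ["no RSN element (open, WEP or WPA1)"]}

def make_ie(eid, payload):               # builds one element for the constructed samples
    return bytes([eid, len(payload)]) + payload

def make_rsn(*akms):                     # constructed RSN body with CCMP ciphers
    ccmp, one = OUI + b"\x04", b"\x01\x00"
    return (one + ccmp + one + ccmp + len(akms).to_bytes(2, "little")
            + b"".join(OUI + bytes([a]) for a in akms) + b"\x00\x00")

# Constructed beacons: non-ASCII Enterprise, hidden PSK, and a non-UTF-8 open network.
ENTERPRISE = make_ie(0, "café-5G".encode("utf-8")) + make_ie(48, make_rsn(1))
HIDDEN_PSK = make_ie(0, b"") + make_ie(48, make_rsn(2))
LATIN1_OPEN = make_ie(0, b"caf\xe9")
```

The raw "ssid" bytes, not the display label, are what should be stored and passed to the join call, since two different byte strings can render identically.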

Suddenly Home Networking Matters

Years ago your connection to the internet was much slower than your internal network, and you never had to worry about performance. Now that we’ve got much quicker broadband speeds, home networking gets trickier because it matters.

Historically, networking was easy: you plugged in your 11mbps router and all was good. The 0.5mbps pipe from you to your provider was always so small that it didn’t really matter. You accepted patchy coverage as it was all quite new, and if you had enough cable in place you could just deploy a second base station upstairs to fix that.

Now though, you can’t really ignore the performance of your internal network. If you’re using WDS to extend your network, have a slow WiFi bridge, or even just an inconveniently placed wall – it turns out it’s quite easy to reduce your throughput to the point that new services like BBC iPlayer in HD won’t work. With readily available broadband up to 16/24/50 megabits a second, your internal network matters.

I’m going through the pain of trying to get a WiFi network that covers the house, covers the garden and works in my current room, which is helpfully the only place in the house without decent coverage from the existing network and precisely where the repeater needs to be for the garden coverage.

Do I bridge with Powerline networking? Do I just route a bit of Cat5 cable, because despite being ugly and low tech, it generally works?

While I know there are solutions to this, it does make me wonder, when it takes someone who (mostly) knows the difference between 802.11a/b/g/n, has spare routers he can redeploy, and who, despite the vagaries of compatibility that still seem to exist with WPA, (almost) has the patience to get this to work, what hope do the ordinary folk, and the multi-service operators of the world, have of solving this?

Slingbox recommend using Powerline adaptors, and I’m beginning to see why.