You can still get to your baby monitor via an app or the web, but a potential hacker won’t even be able to find it.
On Wednesday, the privacy-focused non-profit Guardian Project, a partner of the Tor Project that maintains and develops the Tor anonymity network, announced a new technique it’s developed to apply Tor’s layers of encryption and network stealth to protecting so-called “Internet of things” or “smart home” devices. That growing class of gadgets, ranging from refrigerators to lightbulbs to security cameras, are connected to the Internet to make possible new forms of remote management and automation. They also, as the security research community has repeatedly demonstrated, enable a new breed of over-the-Internet attacks, such as the rash of hackers harassing infants via baby monitors or the potential for hackers to steal your Gmail password from your fridge.
Here’s how it works: the Guardian Project turned a simple Raspberry Pi mini-computer into a smart hub running the open-source software called HomeAssistant software and acts as a so-called Tor hidden service, the same application of Tor that obscures the location of servers running dark web sites. The result, says Guardian Project director Nathan Freitas, is a far stealthier and more secure way to connect your smart home to the Internet, while still keeping it safe from potential digital attacks. “All we did was pull these pieces together to demonstrate a proof-of-concept for the role Tor can play in your home,” says Freitas, who’s also a fellow at Harvard’s Berkman Klein Center for Internet and Society. “It’s turning your Internet-of-things hub into a hidden service.”
In fact, Freitas’ setup doesn’t merely turn your smart home hub into a normal Tor hidden service, which are usually designed to allow anyone access to a website while routing the traffic over Tor’s network of thousands of volunteer computers to prevent visitors from knowing where the computer that hosts the site is physically located. Instead, the smart home system uses a lesser-known feature of Tor called an authenticated hidden service. Tor’s intermediary computers can’t connect to the destination computer at all without you implementing a certain passcode, which Freitas describes as a “cookie.” You can still get to your baby monitor via an app or the web, but a potential hacker won’t even be able to find it. “If you add authentication, only people with this cookie can even connect to” your smart home hub, says Freitas. “Without it, Tor doesn’t even let you route to that service.”
This will make your smart home safer, but much more annoying to set up. The system requires any device you use to manage your smart home hub has to run Tor and include the right code in what’s known as the Tor relay configuration file. And altering those Torrc files represents just one of the janky steps required to set up the system. In fact the Guardian Project hasn’t even tested that configuration on iOS devices yet—so far only on a desktop TorBrowser and the Android Tor app Orbot.
Though it’s far less user-friendly than commercial alternatives like Samsung SmartThings, Google Home, and Apple’s Homekit, Tor Project executive director Shari Steele nonetheless calls the prototype an “early but important milestone” in using Tor to secure home devices. “The Tor Project wants Tor privacy technology to be integrated into everyday life,” Steele writes in a statement to WIRED, so that “privacy and security are built in.”
And what you give up in convenience, you gain in security. Freitas points out Commercial smart home setups require you to open parts of your home firewall to allow devices to be reached remotely, or require you to trust the cloud setup of the company that ties your remote device and your home devices together. But those options can leave your gadgets open to vulnerabilities introduced by the devices’ vendors and allow them to be spotted by internet scanning tools like Shodan. “Just having a public IP presence for anything opens up so many possibilities,” says Freitas. If a device can be discovered, its vulnerability then depends on the manufacturer’s attention to security, he adds. “When you’re talking about a lightbulb from China, you don’t want to rely on that.”
While his HomeAssistant setup is mostly just a proof-of-concept designed to demonstrate a new form security for DIY types, Freitas says he hopes it might also convince more mainstream Internet-of-things companies to take a similar approach, and consider integrating Tor. “We want to introduce the idea that Tor can be used this way, and to advocate that IoT vendors adopt and innovate with it,” Freitas says. “We’re ready to work with anyone interested in doing that.”