I’ve ranted before about lacking security on Internet of Things devices. General consumers are often left to decipher the black box of security on their own or just resign themselves to having faith that companies make it a priority. The internet itself can be pretty insecure, too, which is why some people turn to Tor to help mask their identity. (Although Tor’s been attacked as well.) Now, a non-profit called Guardian Project is taking Tor’s technique for obscuring and encrypting users’ identities and applying it to smart home devices.
Guardian Project took a Raspberry Pi and turned it into a smart hub that runs its new HomeAssistant software. The software acts like a Tor hidden service, which keeps server IP addresses hidden. HomeAssistant more specifically relies on an authenticated hidden service, which means it doesn’t let other Tor users connect to it unless they have a passcode. Essentially no one, including hackers, can see the connected smart devices. But with that being said, the smart hub is only a proof of concept. Whatever devices are used to manage the smart hub, like a tablet, have to be able to run Tor. The smart devices don't need to be Tor-compatible. The hub also hasn’t been tested with iOS yet. Still, it’s an intriguing proof of concept that could be a hint at what the future could hold for securing IoT devices.