In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. In part 2, I covered IP addresses and the importance of a decent network to run all this stuff on, followed by Zigbee and the role of low power, low bandwidth devices. I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Now for the big challenge - security. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets...

In part 1, I deliberately kept everything really high level because frankly, I didn't want to scare people off. I'm not ashamed to say that the process of getting even the basics working absolutely did my head in as I waded through a sea of unfamiliar technologies, protocols and acronyms. I wish I'd had just the fundamentals down pat before going deeper and that was my intention with the first part of the series. So, peeling back that next layer, the whole IoT space isn't just about devices that get their own IP address on your network and talk over TCP (or UDP). Many of them do (such as the Shelly switch in part 1), but then there's the whole...

With the benefit of hindsight, this was a naïve question: Alright clever IoT folks, I've got two of these garage door openers, what do you reckon the best way of connecting them with Apple HomeKit is? https://t.co/i0RmjSMkkD — Troy Hunt (@troyhunt) April 25, 2020 In my mind, the answer would be simple: "Just buy X, plug it in and you're good to go". Instead, I found myself heading down the rabbit hole into a world of soldering, custom firmware and community-driven home automation kits. Finally, a full 123 days later, I managed to open my garage door with an app: Smashing it today! So impressed with the Shelly 1, it made this so simple 😊 pic....

This week, I've finally got a workable mobile setup with sufficient quality audio and video. As I explain in the video, this is ultimately achieved by the Sigma lens feeding into the Sony DSLR then via micro HDMI to the Elgato Cam Link 4K into my laptop via USB which then wifis over to my boat shed access point connected via ethernet over power to the server room and into the network. This seems unnecessarily hard... yet here we are. I'll be travelling from an extended period starting in a few weeks' time so let's see how this all goes on the road. For now, here's this week's update from my backyard: ReferencesThe Cit0day collection of breaches is... big (you...

It's increasingly hard to know what to do with data like that from Cit0Day. If that's an unfamiliar name to you, start with Catalin Cimpanu's story on the demise of the service followed by the subsequent leaking of the data. The hard bit for me is figuring out whether it's pwn-worthy enough to justify loading it into Have I Been Pwned (HIBP) or if it's just more noise that ultimately doesn't really help people make informed decisions about their security posture. More on that shortly, let's start with what's in there and we're looking at a zip file named "Cit0day.in_special_for_xss.is.zip" that's 13GB when compressed: A couple of folders down are two more folders named...

This week's update had a load of questions so even whilst the planned content didn't consume a lot of time, audience engagement was great and I appreciate all the input. The big excitement for me was that Ubiquiti doorbell and whilst that might seem like a small thing, I'm absolutely loving it and the ability to answer it from anywhere whilst also integrating it into Home Assistant and triggering events like Sonos text to speech is really cool. Check it out in the links below or here me talk about it in the video, it rocks 😎 ReferencesMy (ISC)² award arrived! (it's a beautiful piece I'm very humbled to have received)I killed some time messing with an SEO spammer (what...

Alrighty, quickie intro before I rush off to hit the tennis court, catch up with old friends, onto the wake park before BBQ and, of course, 🍺. I'm doing a quick snapshot on how we're travelling down here COVID wise, I lament the demise (followed by resurrection) of my Ubiquiti network, there's a heap of new data breaches in HIBP and a bunch more insight into my guitar lessons (no, I'm not giving guitar lessons!) Enjoy 😊 ReferencesWe're tracking remarkably well down here COVID wise (and yes, I'm very conscious of how different it is in other parts of the world right now, thoughts are with you guys)Guitar lessons! (ok, not really, but please do watch that embedded Ricky Gervais video...

I've had this blog post in draft for quite some time now, adding little bits to it as the opportunity presented itself. In a essence, it boils down to this: people expressing their displeasure when I post about a topic they're not interested in then deciding to have a whinge that my timeline isn't tailored to their expectation of the things they'd like me to talk about. The key term in that sentence is "my timeline" and as most of this relates to Twitter, there's a very easy way to understand whose timeline you're looking at: This is me, talking about the things that I find interesting. Ricky Gervais does an amazing job of explaining what I'm about to delve...

It was a bit of a slow start this week. "Plan A" was to use the new GoPro with the Media Mod (including light and lapel mic) and do an outdoor session. This should really be much easier than it was with multiple issues ranging from connectivity drops to audio sync to simply not having a GoPro to tripod adaptor. I'll need to get on top of that before my big Xmas holiday trip and none of these are insurmountable problems, but this stuff should be easy! Can't feel too sorry for myself, had a great day on the water before that (exclusive wake park footage right there), but ended up in the office as usual. Enjoy 🙂 ReferencesIt's a slow...

Almost a decade ago now, I wrote what would become one of my most career-defining blog posts: The Only Secure Password is the One You Can't Remember. I had come to the realisation that I simply had too many accounts across too many systems to ever have any chance of creating decent unique passwords I could remember. So, I set out to find a password manager and 10 Christmas holidays ago now, I spent the best 50 bucks ever: I chose 1Password way back then and without a shadow of a doubt, it has become one of the most important pieces of software I have ever used. Since that date in 2011, I doubt there's been a single day I...