Member Since: November 26, 2010

Country: United States


Spoken Languages


Programming Languages

HTML/CSS, PHP, MySQL, BASIC (For what it’s worth)


Davenport University

  • Was really hoping somebody would link to the Squatty Potty. Glad to say I’m not disappointed. :-)

  • I’m with you on this: I’d love to see some proper PKI support on embedded architectures, but I think we’re still a generation or two away from seeing it really be supported natively. Perhaps the next iteration of the ESP line will have something for us. :-)

    There is always the protected-subnet-with-a-gateway/proxy setup. Don’t allow any embedded/IoT product/project to talk directly with the Internet, but instead require them to use some local service to either encrypt all their traffic or to even be the final destination. (Why not just run your controller locally? Much faster response times, and no dependence on Internet connectivity for your fun toys to work. Then again not everybody runs a hypervisor on a server in a basement closet…)

  • HIPAA would apply to those sorts of records. Even ISPs don’t like being fined anywhere from $500 to $15,000 per instance of a data breach like that.

  • The flip side is if you have enough fun projects at home that use the Internet to upload status/measurements or even just to check for updates it may look like you are always home. (Plus there are firewall setups like pfSense that will ping your next hop every minute or so for latency and availability tracking.)

  • Could try a shortcut like this to simplify development:

  • VLANs, routing, and proper firewalling (pfSense, Ubiquiti’s EdgeRouter or USG, most anything in the MikroTik world) are the ways to go. Trouble is, not everybody knows how to properly set those types of things up. (Given that you brought it up I’m assuming you’re a fellow networking nerd; I know it’s second nature for myself, but that’s not any sort of assumption I’d want to cast on somebody else.) They also do cost a bit more than basic consumer-grade hardware (although the Ubiquiti EdgeRouter X is only $50), they also vastly out-perform them (1 Gbps routing, no big. The $100 EdgeRouter Lite can do 1 million packets per second too), are much more flexible in their configuration, and are updated routinely to boot. (Although you do need to apply it manually: ISPs don’t like it when their gear auto-updates.)

    Something not mentioned in the article, but worth doing if your firewall can support it: Outbound filtering. You should be able to block outbound traffic from your IoT devices and only allow it to communicate with white-listed networks/hosts and on white-listed ports. There’s no reason most IoT devices should be talking on any port aside from 80, 443, or 53. (And even then 53 should only be to your internal DNS relay (router), so 80 and 443 to the outside world.) There’s always the possibility of other ports in the case of specialized services, but I would recommend blocking the port (with logging enabled), then watching the firewall logs to see where it’s trying to talk. White-list those destinations as you go until it’s working properly. (Even better if vendors just list where their devices want to communicate so you can build the rules ahead of time and not feel like you are missing anything.)

  • Can confirm. My brother broke our parent’s dog with a laser pointer when she was about a year old. Now (9? years later) she still goes ballistic at any direct/bright light source, and will even chase shadows. If she knows you are about to handle a pan that usually causes reflections on the ceiling she’ll start getting excited…

  • And this right here is why I’m willing to spend a few extra coin to buy things from SparkFun: They’ll Make It Right™ even when the problem comes from no direct fault of their own.

  • I’d almost be willing to bet that 25 years from now, the “documentation/communications” technology will have changed so dramatically that your QR code, while a nice idea, will be useless

    I think a combination isn’t a bad idea. Keep a live version on a wiki for ease of access and sharability, but then keep a printed archive in a 3-ring binder somewhere for hard-copy referencing later.

  • I wonder if you’d be able to pull the EL wire through after the bends are done by using the same trick telcos do when putting fiber into ducts: Compressed air. Basically you send air through the tubing and feed the EL wire in along the same path: The air creates a buffer along the walls that should help the wire navigate any turns it runs into.