Researchers at the Guardian Project, a nonprofit responsible for developing anonymous Internet networks, unveiled a new method for safeguarding IoT devices using the dark web.
The privacy-focused Guardian Project has partnered with the Tor Project to apply layers of encryption and networking security to protect IoT devices from cybersecurity threats.
The Tor Project manages the global Tor network, which is primarily used to navigate the uncategorized dark web.
To complete this smart home encryption test, researchers at the Guardian Project turned a Raspberry Pi mini-computer into a smart home hub capable of running open-source home automation software. The open-source code enabled the team to include Tor within the home control platform.
Using Tor with the home control platform enables the homeowner to connect to the Internet, but without any trace. This means that a would-be hacker is unable to trace information back to a certain location or home, stopping data extraction at the source.
Unlike with the Tor method, a typical smart device requires the homeowner to open up the Internet’s firewall, which enables the network to discover a certain device. However, this method opens up vulnerabilities, because if you can discover a device’s location, so can a skilled hacker. Instead, only the integrator or homebuyer is able to discover networked devices, because only they know the password and settings necessary to connect to the anonymous network.
Basically, the Tor method sidesteps the manufacturer’s device security standards by adding a second layer of cybersecurity protection. This second layer could be crucial in IoT products that have not doubled down on the need for secure devices.
Even though the home’s Internet data is encrypted, the process of connecting and controlling IoT devices is the same. Homebuyers are able to use the same apps and platforms to control the home, but with the added benefit of cybersecurity.
This first test was used to demonstrate the proof-of-concept of a secured and encrypted IoT network, with plans to further test device encryption and cybersecurity.
For more great content, be sure to subscribe to our newsletters