About using https and SSL for IoTs
-
Hi,
This is a somewhat general question, and for topics like network security there is no such thing as "enough conservatism", but I would still like some input from others.
At home behind my pfSense box, I run a VLAN that is specifically meant for IoTs. It runs a DHCP server but only assigns leases to MAC addresses defined explicitly. This actually creates some problems for adding new IoTs, as a lot of home automation stuff does not come with the MAC address printed on the box, so first I have to configure the new hardware on "Guest WiFi" just to get its MAC address, then repeat the same process to add it to the IoTs VLAN.
I have several switches and plugs (to name a few) flashed with Tasmota and I also use MQTT quite extensively for automation. But I have not bothered turning on HTTPS for the web interfaces of Tasmota devices or enabling SSL for the MQTT broker. My two cents are that if there is a malicious agent within the IoTs VLAN then most likely I have a much bigger problem to worry about!!
Most of the IoT devices on this VLAN are on WiFi, with the exception of only a few devices.
Would others agree with my approach or am I being too lazy here beyond the point of being practical?
Thanks!