HN's readers, how do you deal with your connected devices?
Do they use the same network as you? Or do you have a dedicated network for them? Or an on-demand dedicated network (connection only when necessary/allowed)?
I use Google WiFi with a primary and guest network. Anything which doesn't get security updates goes on the guest network so negligence on the part of Lenovo, Toshiba, etc. doesn't offer an easy jumping-off point to attack the devices with data I care about.
I have four Wifi networks: One for me/trusted computers, one for untrusted devices without internet access, one with, and one for guests.
My network can access everything else, the untrusted networks can only initiate connections to my home server on the firmware upgrade port (which is used by devices around the house that I've made and which often look for OTA updates on my server), and the guest network can only access the internet.
The wifi? I just got a Tomato-compatible router, there's a section in Tomato where you specify the networks you want. The connections are a few iptables rules, I could write a post at some point.
EDIT: Turns out I don't remember which settings were set by me and which ones the router added by itself. If you have a Tomato router and would like to help me replicate the setup so I can write the post, send me an email (email in profile)!
I've set up virtual networks in Tomato and multiple Wifi access points, and bound each access point to each network. Then, with iptables rules I've allowed/disallowed connections from/to each. I can write it up if someone helps me reproduce it.
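As an added example (not from any commenter in this thread), the four-network policy described above can be written as a forwarding ruleset; the script below prints it in iptables-restore format. The interface names, server address and port are assumed placeholders, and it covers forwarded traffic only, not traffic addressed to the router itself.

```shell
#!/bin/sh
# Added example: emit FORWARD rules for the policy described in the thread.
# Every value below is a constructed placeholder, not taken from the thread.
TRUSTED_IF=br0            # trusted computers
IOT_IF=br1                # untrusted devices, no internet access
IOT_NET_IF=br2            # untrusted devices, internet access allowed
GUEST_IF=br3              # guests
WAN_IF=vlan2              # uplink to the internet
OTA_SERVER=192.168.1.10   # home server on the trusted network
OTA_PORT=8266             # firmware upgrade (OTA) port on that server

emit_forward_rules() {
    # Default-deny forwarding; replies to already-permitted flows pass.
    cat <<EOF
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $TRUSTED_IF -j ACCEPT
EOF
    # Both untrusted networks may open connections only to the OTA port.
    for ifc in "$IOT_IF" "$IOT_NET_IF"; do
        echo "-A FORWARD -i $ifc -o $TRUSTED_IF -d $OTA_SERVER -p tcp --dport $OTA_PORT -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Internet access: the second untrusted network and the guest network.
    for ifc in "$IOT_NET_IF" "$GUEST_IF"; do
        echo "-A FORWARD -i $ifc -o $WAN_IF -j ACCEPT"
    done
    echo "COMMIT"
}
```

Because the policy is default-deny, guest-to-trusted and untrusted-to-untrusted traffic is dropped without needing explicit rules. `iptables-restore --test` parses a ruleset like this without committing it.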
It might be unpopular on HN, but use the older iRobot generation that is not "smart" aka no WiFi, no spyware, just a "dumb" little robot vacuum cleaner. Do you think Mark Zuckerberg or Elon Musk let such devices roam their home? Nope. Mark wrote his own home assistant, security system, etc. with PHP and unix tools. These devices are for the noobs, the general public, that doesn't care.