| > Please share your opinion about the state of the software industry .... where do you see/feel/think the field headed? A world where no consumer device works without the blue sky alignment of internet availability, vendor goodwill and security uneventfulness. This is based on trends I've observed on most (but not all) new consumer devices I've purchased of late [1]: * Requires internet for setup (always) and operation (usually) * Only supports wifi (ethernet ports are rare, thus no easy VLAN option) * Vendor mobile apps required (HTTP servers are crippled if available at all) * Depends on MDNS / SSDP / proprietary multicast for discovery * Requires a vendor user account (and rarely supports family access) * Sends telemetry and updates firmware without any opt-in * Service addresses are unconfigurable (eg NTP, DNS, MQTT) * Documentation does not publish ingress or egress ports The pendulum has swung too far toward plug and play (at the expense of reliability, security and privacy). Perhaps someday there will be an "ethical device" self-certification brand to promote those vendors trying to be more balanced. In the meantime I mitigate using different SSIDs, VLANs and email accounts per vendor; relaying discovery protocols across IP subnets; logging traffic and denying by default; rewriting destination IPs for certain ports like DNS and NTP; local DNS to 127.0.0.1 attempts to call home; disabling options if given etc. [1] Solar inverters (Enphase), house batteries (Sonnen), irrigation controllers (RainMachine), speech assistants (Amazon), amplifiers (Sony and Sonos), alarm panel (Paradox), EV (Tesla), SIP ATA (Cisco), home automation controller (Hubitat) |