Gonna vaguepost so I don’t self dox too much. Had to replace a dead appliance this week. Got a lightly used replacement, no choice about which. It had a wifi spot build in. It would talk to any phone with the mfg app. No auth other than having the app installed! WTF.

You couldn’t disable that! Well not thru the panel controls. Web says you can do it with the phone app. IF you make an account with the mfg for your appliance first. Rofl!

Maybe this approach will help others. What I did was, searched the schematics online. Most appliances, you can find it. Searching model number + schematic often works. There are sites that catalog them.

Using the schematic, I found a connector that powered the wifi. Unplugged that. Re-powered appliance. Confirmed wifi was gone.

My neighbors are not gonna hijack my appliance over wifi, so I wasn’t worried about that. I guess it could find an open WAP and phone home. TBH it was mostly the principle of the thing tho! I don’t want ANY n/w on my appliances, thank you. Ya know?

It’s a tiny skirmish in the war against IOT. Editing here to quote Aragorn, who famously said about IOT, “There may come a day when my appliances connect to the internet. But it is not THIS day!”

  • 4am@lemmy.zip
    link
    fedilink
    arrow-up
    22
    ·
    3 days ago

    I want IoT, I just want the kind that only works on the local LAN and doesn’t phone home. It’s rare but it exists.

    For everything else I can roll my own solution

    • FineCoatMummy@sh.itjust.worksOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 days ago

      the kind that only works on the local LAN

      I am lowkey astonished that it isn’t the normal way.

      That sweet, sweet data is just too tempting.

    • ggtdbz@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      ·
      2 days ago

      I want a dumb as rocks interface you can use an existing open standard with. Like I2C. Not <insert XKCD about 23 competing standards>. Just a standardized cavity in each appliance with an antenna connector and 5V that you can pop a microcontroller of your choice in

  • TiredTiger@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    2 days ago

    I’m really hoping I never have to do this, but congrats to you on figuring it out. I intend to keep my “dumb” appliances going as long as possible, but the unavoidable ones have me a little worried. I’ve seen HVAC filters with Bluetooth in them now for fuck’s sake!

  • galoisghost@aussie.zone
    link
    fedilink
    arrow-up
    12
    ·
    3 days ago

    I was confused by your title. Until I realised it was my reading skills letting me down.

    Then I realised my misreading was actually a clever joke. I read that you “Idioted an appliance”. Which is exactly what you did. You made it “not smart”

  • vapeloki@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    2 days ago

    I often replace those WiFi models with esp32s. ESPhome on top.

    Currently working in a full integration for our heat pumps. I freed ceiling lamps, space heaters, and more from their chinese cloud backdoor.

    If I can get a device that respects my privacy I will buy that version. If not, I am a Journeyman of Electronics (yes, rly) I have my beloved oscilloscopes, logic analysers and 50 EPSs in stock.

    • FineCoatMummy@sh.itjust.worksOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 days ago

      space heaters, and more from their chinese cloud backdoor.

      Cloud enabled … … space heaters?

      That’s up there with cloud enabled Bunsen burners as “this is just not a good idea at all.”

    • Defectus@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      2 days ago

      The obly thing thats left in my home is my Mitsubishi heat pump. Thought about it bit I don’t wanna risk the warranty. Although tur wifi module is removable. Haven’t looked in a while if there’s a cloud free replacement

      • vapeloki@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        2 days ago

        Often, those are only serial/wifi bridges. Worth al look. Logic analysers you can get for less then 20 bucks as a cheap USB knockoff, but they work. If it is just serial, congratulations, that is a straight forward implementation. And in Europe, this does not break warranty btw

          • vapeloki@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 day ago

            First, find VCC and GND. Verify peak voltages with an oscilloscope on the signal wires. Connect all wires, do some stuff in the app while you record.

            Most software has analysis functions, if not, check the usual protocols.

            If you have more then 5V on the wire, it may be Modbus or other industrial connection standards.

            If found the correct protocol, baudrate and so on, I use for example esp32s to sniff in the wire and do a more useful long time capture

  • blackbrook@mander.xyz
    link
    fedilink
    arrow-up
    7
    ·
    3 days ago

    Thanks for the heads up! I have a couple of things where I just ignored the WiFi casually thinking it didn’t matter because I wasn’t going to connect, but shit I never considered the security liability… (Or are they bluetooth?..time to assess…)

    • FineCoatMummy@sh.itjust.worksOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      3 days ago

      YW.

      Yah the risk is prob modest provided you don’t give it a wifi pw so it can get onto your local n/w. Modest… but not zero. Lots of IOT devices ship with def passwords, and all units of that model share it. Also, somebody in range with the app could connect, depending on what the mfg does for auth. Some might require a button on the appliance to pair, that’s safer. Mine didn’t.

      Also in theory, it could look for open networks on its own. That’d be a bigger risk for appts in a Manhattan hi rise than, like, somebody on a horse property on 40 acres.

      Mine was wifi, which has a longer range, but some might be bluetooth. When I was sniffing for the wifi signal, I noticed my neighbors appliances too, lol.

      • Brujones@lemmy.world
        link
        fedilink
        arrow-up
        7
        ·
        3 days ago

        Can confirm. My router log showed that a neighbor’s iot device was repeatedly trying to connect to my WiFi every 10 seconds or so. It was by far the most dominant event in the log.

        The only way to stop it was to block its MAC address.