
SnowCrocodile

Original poster
How secure is HomeKit if used with a variety of 3rd party products? I.e. does it protect the internal network traffic on the SSID it is connected to from devices?

If I buy a device that is advertised as Matter or Siri compatible, does it imply there's some level of certification / protection, or does it need to specifically say "MFI"?

E.g. I am looking for some cheap remotely controlled lights for my attic. Found some Chinese lights that say they are Matter and Siri compatible. Would it be safe to put them on my network?
 
Once upon a time, a few years back, Apple introduced a feature called HomeKit Routers. It wasn’t widely adopted. Older models of eero, Linksys, and the AmpliFi Alien included this feature. I believe that was it and it’s since been abandoned. None of the newer models include this feature. With this, HomeKit provided a simple one tap built in firewall solution if these routers were onboarded.

FWIW, I had an eero system with this feature and it seemed to cause more issues than solutions with HomeKit. I eventually turned it off.

But now, I believe this has to be done at the networking level. What do you use for your networking equipment? Just last night, I created a bunch of firewall rules for my HomeKit setup with my UniFi system.

I wouldn’t trust those light bulbs as far as I can throw them. Why not go for a more well known brand? How much cheaper can they be? Not Philips Hue but maybe something like Meross or VOCOlinc. You usually get what you pay for...
 
I have my ISP’s router. I used to have a UniFi router plugged into that and serving as a main router but wanted to simplify my life a little. Not sure what level of control I have over the firewall.

VOCOlinc and Meross are also Chinese brands, btw.

I guess the broader question is, does the HomeKit hub have any built in protection against the smart devices snooping on the network traffic or eavesdropping via Siri?
 
A device being HomeKit compatible does not automatically imply that it's safe and secure. The HomeKit side of things may be secure, but does the device offer other features outside of HomeKit? That's where the firewall rules come into play and you would want to block traffic.

For example, many security cameras can be controlled through HomeKit and through their own app/website simultaneously. There was a big debacle with some Eufy security cameras a few years ago, where images were being uploaded to the cloud even if you were using HomeKit along with their app. If you wanted to use the cameras solely for HomeKit, then you needed to block the other traffic.

With lightbulbs, you're probably fine, but can never be too sure. Perhaps consider getting Bluetooth or Thread ones...then you know they won't connect to Wi-Fi. You would need to make sure they're within range of a HomePod/Apple TV, or some other Thread mesh repeater/extender. (That could simply just be another Thread device, like a lightbulb or outlet nearby.)

Also, just an FYI, lightbulbs can reset themselves if you have power issues or brownouts. That happened to me once during a storm where the power must have quickly blipped off and on a few times in a row. That was fun having to go around my house to re-pair and program all my bulbs again. Not sure how easy that would be to do in your attic if that were to occur.

Btw, there are lightbulbs / sockets that are literally controlled with an IR or RF remote control. Maybe that would be a better fit for this type of application? (I'm assuming this attic is the non-livable space kind.) IMO, if you don't plan on doing any sort of automation or voice control, there’s not much point in getting HomeKit compatible bulbs...it just adds unnecessary complexity.
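
An added example, not part of any post in this thread: a short Python audit of flow records that flags traffic from HomeKit accessories to anything other than the home hub, local discovery, or basic gateway services, which is the traffic the firewall rules discussed above would block. Every address, the accessory list and the flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumed layout: every address below is a hypothetical placeholder.
ACCESSORIES = {"192.168.30.21": "camera", "192.168.30.22": "bulb"}
HOME_HUBS = {"192.168.30.10"}                                 # Apple TV / HomePod
GATEWAY = "192.168.30.1"
GATEWAY_SERVICES = {("udp", 53), ("udp", 67), ("udp", 123)}   # DNS, DHCP, NTP
MDNS = {("224.0.0.251", 5353), ("ff02::fb", 5353)}            # local discovery
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flow records: (source, destination, protocol, destination port)
FLOWS = [
    ("192.168.30.21", "192.168.30.10", "tcp", 49152),  # camera <-> home hub
    ("192.168.30.21", "224.0.0.251", "udp", 5353),     # mDNS
    ("192.168.30.21", "192.168.30.1", "udp", 53),      # DNS lookup
    ("192.168.30.21", "203.0.113.40", "tcp", 443),     # upload to an outside host
    ("192.168.30.22", "192.168.1.50", "tcp", 445),     # bulb reaching a LAN file share
    ("192.168.30.22", "192.168.30.1", "tcp", 80),      # bulb reaching the router admin page
]

def classify(dst, proto, port):
    """Label one destination as expected HomeKit-related traffic or not."""
    if dst in HOME_HUBS:
        return "homekit"
    if proto == "udp" and (dst, port) in MDNS:
        return "discovery"
    if dst == GATEWAY and (proto, port) in GATEWAY_SERVICES:
        return "infrastructure"
    ip = ipaddress.ip_address(dst)
    return "lan" if any(ip in net for net in RFC1918) else "internet"

def audit(flows):
    """Return {accessory_ip: sorted unexpected flows} for known accessories."""
    findings = defaultdict(set)
    for src, dst, proto, port in flows:
        if src not in ACCESSORIES:
            continue
        category = classify(dst, proto, port)
        if category in ("lan", "internet"):
            findings[src].add((category, dst, proto, port))
    return {src: sorted(items) for src, items in findings.items()}

if __name__ == "__main__":
    for src, items in audit(FLOWS).items():
        for category, dst, proto, port in items:
            print(f"{ACCESSORIES[src]} {src} -> {dst} {proto}/{port} [{category}]")
```
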
 
Most are Chinese brands but they have a large following in the HomeKit community along with Aqara. You made it sound like the ones you are looking at are from a fly-by-night company lol.

Looks like BigBlur answered the rest 👆.

Most, if not all, IoT and big tech companies are looking for your data these days so if this frightens you, your best bet is to stay off the grid. Even Apple had a security issue with the HomePods and Siri a few years back.
 