NRV ContainerDay Saturday September 2nd, 2017

Some of you may know I’ve been dabbling in Docker, and specifically its usefulness in a Windows-centric environment. Michael Irwin has run a Docker user group in the Blacksburg area for almost a year now. And to celebrate the first anniversary, he (and a few others) have organized a ContainerDay.

The day consists of 4 talks on Docker in general in the morning, and a workshop and a few blitz talks in the afternoon. The goal is to have every participant go home with a working Docker application. It is geared towards developers, but everyone is welcome.

Sign-up and participation are free, and the location is Torgerson Hall, Room 3100, on the Virginia Tech campus in Blacksburg.

For more information, check out the web page at NRV ContainerDay.

How to Build Your Smarthome… and keep it secure

PC Magazine has an article “How to Build Your Smarthome: A Beginner’s Guide”, describing the various components of a Smarthome. It starts by describing various protocols used to make the components of a Smarthome talk to each other, then touches on the hubs, cameras, controllers, thermostats, lighting, security, and even sprinkler controls.

It’s a great start into the home automation field. However, one aspect of the Smarthome, and particularly the Internet of Things (IoT), is the network security. Most devices used in a Smarthome setup have minimal security features, and it’s rare that any of them get an update after they leave the factory. This makes them the prime target for an attack on your home network.

To keep your regular, PC-and-laptop based, network separate from the insecure IoT network, requires a bit of network knowledge. Steve Gibson of GRC.com has been experimenting with various setups, evaluating each one of them, and has come to the conclusion that the best set up is as follows:

  1. Obtain 3 routers. They don’t have to be high-end smart routers, but they have to be routers, not switches.
  2. Put one router behind your internet connection (DSL modem, Cable modem, whatever). This will allow¬†NAT translation between the Internet and your home Intranet. We’ll call this router the Master Router.
  3. Put the other two routers behind the Master Router. You now create two separate networks inside your home Intranet. Let’s call them Network1 and Network2.
  4. Network1 machines cannot talk directly to Network2 machines, and vice versa. So now you can put your insecure IoT devices in Network2, and keep your (more) secure laptops, PCs etc. in Network1
  5. If you need more segregation, you can set up a Network3, Network4, etc., depending on how many routers you have, and how many ports are available on your Master Router.

Network_DiagramAn important thing to remember during the setup is that they have to be acting as routers. Even after configuring them as much as possible as routers, you still have to make sure they act as NAT routers. The trick for this is to set each network up with their own network address. So the Master Router can have an internal network of 192.168.0.xxx, Network1 will be 192.168.1.xxx, Network2 will be 192.168.2.xxx, etc. etc. Each router will have the .1 address assigned, and use DHCP to get its address assigned on the WAN port. It will have DHCP enabled for its network, assigning addresses in its network as required.

PC Perspective has a longer write-up about the “Three Router Solution”, including the thought process leading to the three router solution.

An alternative would be to use a router at the 192.168.0.x network, that will allow you to segment that network in subnetworks. This splits a network (like the 192.168.0.x network) up in smaller subnets, each with separate routing. A cheap but powerful solution for this would be the Ubiquiti EdgeRouter X.

Either one of these solutions is a bit more involved than just plugging everything in one router, but it will greatly enhance your network’s resistance against misbehaving IoT devices.

Google’s Works With Nest

wwn-partner-logoGoogle is expanding the automation of your home with its Nest products beyond the Nest product line itself.

A range of products, like lights, locks, and washers/dryers, are now becoming Nest compatible. This allows them to react to things your Nest thermostat does, or your Nest camera sees, or your Nest smoke detector… uhm… detects. The video shows lights coming on when movement is detected, or the drier will occasionally re-thumble your clothes where you’re not home.

The Works With Nest page has a list of all the products that work with one (or more) of the Nest products. It also allows you to sign up to keep informed of new products.

How to disable Hangout and SMS integration

A few weeks ago, Google integrated SMS messaging in Hangouts. I opted in, thinking this would be a good thing – having all messaging in one place.

However, the Motorola Droid Maxx that I’m using has two neat features: a plugin for Chrome called Motorola Connect (allowing me to message from my computer keyboard), and more importantly, an app called Motorola Assist, which allows it to detect when I’m driving and read incoming messages aloud.

Especially the option to have my phone read incoming messages to me was useful, and was now missing. But luckily it’s fairly simple to disable the SMS/Hangout integration:

  1. Open up Google Hangouts
  2. Make sure you’re on the “main” hangout screen. This is the one showing all your conversations, and a plus sign to add a new hangout
  3. Tap on the Hamburger Menu (three lines or dots, most of the time in the top right of the app), and select Settings
  4. Select SMS from the Settings menu
  5. In the General section, there is an option Turn on SMS. Uncheck that.
I think it is a good idea to combine Hangouts and SMS messages. But there are some drawbacks. And the integration apparently is limited to the phone: I don’t see the SMS messages show up in a Hangout on the computer.