Most secure: HomeKit and...Wink?!

iotindustry

#1

OK, I understand completely why a security expert might recommend that those considering home automation choose Apple’s HomeKit. Apple made a really big deal out of security in their standard, including requiring a specific hardware chip, which to be honest why there are so few HomeKit devices available right now. There’s no way to add HomeKit compatibility to an existing device (like the SmartThings hub) because it doesn’t have a specific security chip that Apple requires for HomeKit certification. And everything except voice processing and out of building requests runs locally in HomeKit.

But what are they talking about with regard to wink? Is this something specific to the new Wink 2? Because there’s still a big cloud piece in their architecture. So Why would wink specifically be better than Lowes iris or SmartThings or for that matter Vera and Insteon and Homeseer?

Anybody know what they’re referencing here?

According to Drew, consumers should consider only buying devices that claim to be compatible with Apple’s HomeKit AAPL or Wink Hub.


(Ben W) #2

That article is worthless.

Wink and Homekit offer “certification” which in theory means it passes some type of security validation. Which in reality means they just paid to get certified.


#3

There’s more to it than that for HomeKit because the certified device must include the specified encryption chip. But, yeah, I thought that’s all Wink did, so I’m really confused.


(Ben W) #4

Still have to pay for that chip. Nearly every wireless standard has encryption built in now.

Certification does reduce the likelihood of getting an infected device. Buying a no name door lock could have a back door installed, while getting a Schlage probably does not.

Smartthings does pose a risk if you use 3rd party smartApps and handlers. But the code is usually completely visible and open source so that is a level of protection in itself.


(Never Trust @bamarayne) #5

It’s an appeal to authority.


(Geko) #6

If you read carefully, he does not compare HomeKit and Wink to other hubs. What he’s trying to say is that devices compatible with HK and Wink are more secure than devices that connect directly to Internet (for example Wemo), I.e. the hub offers a certain degree of protection.

While the hubs offer convenience, they also forestall hacking because any third-party manufacturer that operates on them must comply with some baseline security standards. This is in contrast to device makers that release products capable of connecting to the Internet but whose software is easily compromised.


#7

The problem is the reporter turned around and changed that into this:

Look for these two brands.


(Geko) #8

Yes, that’s gross misinterpretation, imho. That’s what happens when editors have no clue what their staff are reporting.


(Christopher Masiello) #9

When a device includes Apple’s magical chip, they’re paying Apple (indirectly). So yeah, sort of the same thing. Now I’m not really sure if the chip is or is not super secure, but I’m sure that Apple is getting paid.