HACKER Q&A
📣 mkeespiet

What is the risk in using WiFi products from China?


He!

Although HN is mostly related to IT stuff, I'm quit a noob in this. I just bought a few chickens and a hen house. To protect the chickens from being slaughtered by a fox, every night I close this hen house. I want do this with an actuator from Ali express which I can control via Wifi, see below link.

My question; what is the risk of giving this kind of China's products access to my Wifi network?

https://www.aliexpress.com/item/1005003058383283.html?spm=a2g0o.productlist.0.0.787a4e10sj3Txm&algo_pvid=b737391a-2a68-4189-851b-f586b86aceb1&algo_exp_id=b737391a-2a68-4189-851b-f586b86aceb1-8

  👤 Nokinside Accepted Answer ✓
Not any worse than cheap crap from any other country. zero attention is paid to security. Software is just quickly checked that if functions on some devises, not tested and no security.

If you fear that Chinese install backdoor's, don't. These devices don't have backdoor's because the front door is open. Country of origin does not matter. Shitty American or European IoT device with no security is just as easy for Chinese and Russians to exploit as Chinese.

Is the product comes with smartphone app, it's worthless and insecure after 1-2 years later even if it's from known brand like Philips or Google. They stop doing security updates soon after they stop selling the app. Philips Hue lights, Google Nest home automation, Sonos spakers, ... worthless crap now.

👤 compressedgas
I recommend setting up another WiFi network for the actuator. This way it does not matter, if it is malicious, and if it isn't and it is vulnerable, it isn't connected to the internet, so its attack surface is limited to the other devices on the same station.