Leaving the Nest

NOPE

I migrated from Nest to Google Home today to save a few bucks and while eventually inevitable it was a really dumb move.

The first thing is that it doesn't work with your Google Workspace / G Suite account because of course it doesn't. So you need an unpaid Google account to move to. Luckily I already have one from that time that G Suite didn't support Google Fi. Interestingly while Google Home won't work with your paid account it has no problem reaching over to grab credit card information from it.

The next thing is goodbye Works with Nest, hello Works with Hey Google. So there goes my IFTTT integration. Because I can't use my main Google account it's kind of useless to me that this might work with Google Assistant. There is still Alexa integration though so I can play my Nest stream on the Echo Show once a year or so as a connected home party trick.

Having not read the changed terms of service I downloaded the Google Home app which a few minutes in I've take to calling Google Nope.

Nest Protect is not supported! This is my favorite smart home device just because when the battery runs out it can tell you which one to change. It's worth almost any amount of money to not spend several hours figuring out where in the house the omnidirectional smoke detector chirp is coming from. But for some reason Google Home doesn't integrate with Google Nest Protect so you need to keep the Nest app as well. Understandable, they only have several tens of thousands of engineers.

So they nailed the camera experience at least, right? Nope. In Nest there are about a hundred settings to play with. In Google Home you can change the name of the camera. In Nest you can scroll through all of your recorded history. In Google Home, despite specifically paying for the plan with 10 days of history you can't. It has a pre-Alpha feel to it. Good for a 'hey, we got the skeleton of an app thrown together' kind of internal demo but it feels like they probably should have added the things you've paid for before shipping it to anyone, let alone bribing them to go through a feature shredding 'migration' process.

My smart home ambitions are not that great. I had a nice little setup that switched some lights on and off around dawn and dusk, but Philips end-of-lifed the bridge and I'm not about to buy a new one. I had some fun making dropcam timelapses but Google broke the public cam URL. And thank goodness I didn't get the alarm system.

Lesson (eventually) learned. The only new smart home devices I'll install are the ones that I build myself.

Securing the Internet of Things

Updated on Wednesday, February 22, 2017

Securing the Internet of Things

We can’t trust manufactures to build secure connected devices and so routers need to be updated to solve this problem once per network.

The distributed denial of service (DDOS) attack on Friday, October 21 was apparently caused by dodgy webcams. But next time it will be Nest or Alexa or Hue - not picking on Google, Amazon or Philips specifically here, those just happen to be the IOT devices currently plugged into my home network. My washing machine and drier would be as well but fortunately LG’s dismal app has saved me from myself by not working for toffee. Oh, I have some DropCams too. And my car is connected. The next attack will probably just come from me.

My fix: update routers to sandbox these devices. A Nest thermostat can only talk to nest.com. If it wants to DDOS Reddit too bad, no connection allowed no matter how badly the device is compromised.

When a new device is connected the router looks it up (MAC address registry?) and then puts it in the appropriate sandbox.

If Nest needs to connect to weather.gov to check the forecast then Google would need to proxy this via nest.com. If the device goes bad it’s only got one domain to attack (so there’s a pretty good incentive for the manufacturer to make sure it doesn’t).

The only downside is new routers or new router firmware. Given the current state of IOT I’d buy one.

As usual if any of my billionaire investor readers are interested get in touch.