> Consider everything that is network connected as compromised. Everything.
This doesn't seem like useful advice.
If you know something is compromised, you're going to want to stop using it and build a clean system etc. You can't just do that continuously the instant you've built the new system.
Likewise, how does monitoring even work? Every device and app wants to phone home to some random server. The connection will be encrypted and even if it wasn't it could be some arbitrary custom protocol you'd have to spend several hours to reverse engineer. You could just block them all but that will cause massive breakage and possibly impair security when the thing you're blocking is whatever thing's security update mechanism.
I agree with your first part, but not with your second. It really depends what you use; you can easily build up a whole home automation system that doesn't phone home or require internet at all.
Same thing as the security of the lock on our doors. We know that if somebody really wants to get into our homes they will. In the case of IoT and computers add to it the automation of the attack.
What do we do with our homes? Tradeoffs.
We put some valuables in banks, we keep some at home. We insure precious items, if we do have them. We curse when burglars steal from us.
We also install curtains so people outside cannot look at us and at what we are doing at home. There are several levels of protection to do the same thing for networks and devices. Of course vulnerabilities mean that they are not perfect. Curtains are not perfect either. Add to that imaging through walls with WiFi or mobile network signals, but that's still fringe at best even if you should read https://news.ycombinator.com/item?id=37469920
I think this discussion mostly comes down to how we interpret the word “secure”. Do we mean “zero risk”, “nothing can go bad”, “no potential attack, ever”?
Or do we mean “low enough risk for this thing, here, now”? I prefer the latter, even if that implies that statements like “this thing is secure” are somewhat useless due to the subjectivity.
This doesn't seem like useful advice.
If you know something is compromised, you're going to want to stop using it and build a clean system etc. You can't just do that continuously the instant you've built the new system.
Likewise, how does monitoring even work? Every device and app wants to phone home to some random server. The connection will be encrypted and even if it wasn't it could be some arbitrary custom protocol you'd have to spend several hours to reverse engineer. You could just block them all but that will cause massive breakage and possibly impair security when the thing you're blocking is whatever thing's security update mechanism.
What's a solution someone can actually use?