Most of today’s home automation products rely heavily on cloud services. This allows us to manage and control our homes from anywhere in the world, by placing the configuration and logic processing in a publicly accessible location and avoiding opening our home network.
But as we know, the cloud is just someone else’s computer, that we have to trust. If they are the arbiter of what happens in your home, you are not truly in control.
This presentation discusses end-to-end encryption, secure claims, network firewalls and segmentation, and a smattering of zero-knowledge theory. You’ll hear some of the available options for resolving the connectivity issues and even taking some home-automation devices off-line altogether, without weakening your home network or losing the ability to verify the validity of all operation requests within.
As part of an ongoing project to bring these theories to life, this talk includes a live demo of a custom-built garden irrigation setup, featuring genuine H20.
JWTs are secure; they’re signed; they’re the best thing since sliced bread! So you’ve adopted them into your applications, and feel much safer. The chances that things will go wrong are slim. Right?
This talk will introduce the ways in which JWT implementations can go wrong, together with live demos, and take you on a journey to understand how to make sure you can trust these handy payloads in your applications and APIs.