The Tor Project is joining forces with Home Assistant, and The Guardian to create a newer security system to funnel all the data traffic for the device to the end user via Tor, not public internet. The new system is the Home Assistant platform, only it’s running a special Tor Onion Service Configuration.
You only need a device that’s Raspberry-Pi or close to it, to run Home Assistants software. The software will run a Tor configuration that sets up a special Onion site on the device. For remote access to IoT simply need the Onion link to the Home assistant software, then the connection will then rely from the remote device, to the actual IoT device, acting like a proxy.
Using this new system, there will be no need to set up difficult SSL/TLS certificates to support HTTPS connections, since Tor is encrypted by default. Users won’t need to open firewall ports or use VPNs to access the connected IoT device. All connections are routed through Tor so nobody will be able to see the users traffic. This means that nobody will be able to tell if it’s a marketplace or a surveillance camera.
The scanning of Tor protected devices is very, very hard. There will be no need to search for vulnerabilities in IoT devices.
“To many things in our homes, at our hospitals, in our businesses and through our lives are exposed to the public internet without the ability to protect their communication. Tor provides this, for free, with real world hard ended, open source software and strong, state of the art cryptography,” Executive director of the Guardian Project, Nathan Freitas explained.