1.5K followers? – woohoo!
Arduino’s millis() overflows every approx. 50 days
Reminder to self: Arduino's millis() overflows every approx. 50 days, use if ((unsigned long)(millis() – previousMillis) >= interval) instead
Securing MQTT for embedded IoT devices with Mutual TLS
I'll be speaking at the "IoT Bulgaria Summit 2019" community event this September, session topic "Securing MQTT for embedded IoT devices with Mutual TLS Authentication". Use this opportunity to chat with me on anything IoT. https://www.eventbrite.com/e/iot-bulgaria-summit-2019-tickets-54290900545?utm-medium=discovery&utm-campaign=social&utm-content=attendeeshare&aff=estw&utm-source=tw&utm-term=listing @Eventbrite
Human workers are listening to recordings from Google
This is why I don't own voice assistants: human workers are listening to recordings from Google Assistant, too: https://www.theverge.com/2019/7/11/20690020/google-assistant-home-human-contractors-listening-recordings-vrt-nws#comments
Wireless battery temperature and humidity sensor revision
This is my latest wireless battery temperature and humidity sensor revision. It is optimized for long range (200m) and long life (2+ years sending once a minute). To be used with the display hub and relay actuator I tweeted recently #IoT #smarthome
BMW i3
Test drove BMW i3, lovely vehicle. Wishing I can afford one some day. #EV #BMW
Pear tree to the internet
Connected our pear tree to the internet. It will publish a notification when pears are ready to be picked up. #IoT #esp32 #homeautomation
16A relay actuator with 433Mhz RFM69
Designed a high quality 16A relay actuator with 433Mhz RFM69, two separate DS18B20 plugs, option for RTC and SPI flash. Will be used with the thermostat controller I tweeted yesterday. #IoT #smarthome #arduino
IoT development framework carefully
This is why I chose my IoT development framework carefully. Of course, no one is immune to framework obsolescence: https://www.reddit.com/r/esp32/comments/c9tp0d/super_bummed_spent_almost_2_years_on_a_hobby/
OTA server requires client certificate
Updated my OTA server to require client certificate to be presented before providing the firmware binary. This way the binary is kept away from curious eyes, and only provided after mutual TLS authentication proves the asking party is who they say they are. #IoT #OTA #Security
PCB for ESP32 based smart thermostat controller project
PCB for ESP32 based smart thermostat controller project with touch bring-up success. The enclosure is in the works. Feeling satisfied. #IoT #smarthome
ESP32 serial log messages to MQTT
Implemented option to send a copy of the ESP32 serial log messages to MQTT; Makes it so much easier to debug remote nodes. Literally takes one line of code, look up esp_log_set_vprintf. Next is to provide API to change the log level runtime so I can focus on the desired component
Forking git projects
Wondering why people fork git projects with the clear intention not to contribute, rather than just starring them?
Separate network for your IoT devices at home
I am curious if you folks have a separate network for your IoT devices at home? Bonus read on the subject: https://robpickering.com/ubiquiti-configure-micro-segmentation-for-iot-devices/ The poll results are interesting. Looks like 80% of my tech-savvy followers do not have a separate network for their IoT devices, which means either they DIY all of their IoT hardware and…
Arduino code in production
I am frequently contacted by folks who were advised to use Arduino to build commercial product and are now running into the full spectrum of issues related to using a rapid prototyping platform in production. Someone's giving them the wrong advice and that costs a lot. Also using Arduino code means all of your object…
128 KB limit for MQTT payload size for AWS IoT
TIL of the 128 KB limit for MQTT payload size for AWS IoT. Any publish request that contains payload larger than this limit will be rejected and result in a disconnect. Kind of odd, makes it difficult to transport large payloads e.g. frames from cameras or OTA files over AWS IoT.
MQTT rate limiter middleware
Working on MQTT rate limiter middleware, it will add an extra layer of security to my already oversecured broker.
JSON based access policies to my Mosca-based MQTT broker
Implemented JSON based access policies to my Mosca-based MQTT broker, decision to allow or deny publish/subscribe is now based on the presented client certificate's CN/O/OU/L fields. I think it is pretty safe to say I now run miniature AWS IoT clone 🙂
ESP32 OTA rollbacks
Implemented ESP32 OTA rollbacks if the new firmware crashes within 45 seconds of first boot, doesnt manage to connect to MQTT or the device enters degraded operating mode due to failed hardware initialization. This gives me a peace of mind when pushing mass OTA updates. #IoT
Continuous Delivery setup for ESP32 IoT projects
Made a short video on my Continuous Delivery setup for ESP32 IoT projects using Node-RED https://youtu.be/paC_rVziIMQ #IoT #MQTT #OTA #ESP32
Folks actually think like that
This made me laugh, I have seen folks actually think like that #startup #ideas #dilbert
Provisioning ESP32 devices for mutual TLS authentication
Just recorded a new video: Provisioning ESP32 devices for mutual TLS authentication for MQTT using own PKI https://youtu.be/7qTT9EPCdCw #IoT #mTLS #MQTT #security #PKI #DIY #eclipse
How-to video on how to use self-created CA
Made a "how-to" video on how to use self-created CA to secure Node-RED installation with mutual TLS authentication in 12 minutes: https://www.youtube.com/watch?v=oRCpXEj236s&feature=youtu.be #IoT #nodered #tls #mtls #security
Jupiter next to the moon
Jupiter quite visible today, just next to the moon where I live. Feels alien to see it like this..
AWS IoT pricing calculator
Checking an AWS IoT pricing calculator, running a 10K IoT fleet costs $1.8K per year. This is not insignificant. Link to the calculator: https://d1.awsstatic.com/IoT/assets/AWS_IoT_Core_Pricing_Calculator.fcc37410fa03431c28b59d8509f1b4e370c88402.xlsx
Node-RED with mutual TLS authentication
Secured my #Node-RED with mutual TLS authentication through my own CA and self-generated certificates; I have to present a client certificate in order to be allowed to use Node-RED.
My dog meets Google’s AR tiger in the garden
My dog meets Google's AR tiger in the garden.. try it yourself, google for "tiger" on your phone, then "view in 3D"->"view in your space"
Basic PKI PoC
I need a node.js guru volunteer to work with me on creating basic PKI PoC that provisions #ESP32 devices with client certificates; node-forge looks right for the purpose. I have the complete solution architecture figured, just need a node.js guru that can code it for free 🙂 Couple volunteers already, thanks @eliofilipe and @MrQinEL ;…
x.509 certificates to dedicated ESP32 partitions
I now load x.509 certificates to dedicated ESP32 partitions rather embedding into the code via COMPONENT_EMBED_TXTFILES; This helps decouple the code from provisioning the device with CA and client certificate+key; Still working on PKI to provision the certificates at flash time
Wallet with IDs, credit cards
Saw someone drop his wallet while entering a shop (pretty full with cash btw) and ran up to him to return it. Feels good to help, I have been in a position where I've lost wallet with IDs, credit cards and know what it means..
mTLS to secure IoT solutions
Sharing some thoughts on using mTLS (mutual TLS authentication) to secure IoT solutions in a blog post: https://harizanov.com/2019/06/using-mtls-to-secure-iot-solutions/
Using mTLS to secure IoT solutions
While delivering on the promise of streamlined efficiencies and operational insights, smart IoT devices also present a new and more widespread threat to users and personal data. No one really needs reminding of the security implications of IoT. Think of…