Restrict Alexa and any AI system with Router?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
SidCharming
DD-WRT Novice


Joined: 14 Nov 2015
Posts: 28

PostPosted: Tue Nov 24, 2020 16:16    Post subject: Restrict Alexa and any AI system with Router? Reply with quote
I am not a fan and want to limit my exposure to AI. However the wife wants to get a robot vacuum cleaner. The new or higher level machines have neat/better features. I do not want a device walking around the house throwing information out to AI. Thoughts? Is there any filtering or ports to block?

Thanks in advance.
Sponsor
Wildlion
DD-WRT Guru


Joined: 24 May 2016
Posts: 1005

PostPosted: Tue Nov 24, 2020 16:50    Post subject: Reply with quote
This is a very generic question since every system works differently.

If you want the simplest way. Create a VAP (ie like a guest network) and then setup iptables to prevent access to the internet on that access point. Then connect everything that way. Then whenever you need to log into those wirelessly you have to switch networks to do so.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8563

PostPosted: Wed Nov 25, 2020 3:28    Post subject: Reply with quote
What does "throwing information out to AI" mean? You mean deny it internet access? Deny access to other devices on the same local network? Other local networks? All of these?

As Wildlion stated, that's such a broad statement, it's hard to give good advice. We don't even know what these devices *require* in terms of local vs. internet access to function properly.
lexridge
DD-WRT User


Joined: 07 Jun 2006
Posts: 363
Location: WV, USA

PostPosted: Wed Nov 25, 2020 15:22    Post subject: Reply with quote
What I do to prevent my IoT devices from sending out data is set up block groups under "Access Restrictions". For example, I have about 8 TPLink smart plugs. I set up a group that includes them all, by MAC address. You can also do it via IP address or IP Range. Whenever I check for firmware updates, I can unblock them all, update them, then reblock them.
_________________
Linksys EA8500 (Internet Gateway, AP) - DD-WRT r44719
Netgear R6250 (AP, VAP) - DD-WRT r44772
Linksys EA8500 (Gateway Backup) - DD-WRT r44236
Features in use: Samba, OpenVPN, WireGuard, Entware for Mosquitto
Member #248
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 4166
Location: UK, London, just across the river..

PostPosted: Thu Nov 26, 2020 20:27    Post subject: Reply with quote
yep you can limit smart devices from internet(WAN)side and they will be running only LAN, but its not a solution...as some devices like Alexa internet is a must...
best bet is to isolate them from communicating, from the rest of the network, and communicating between them..
in my case... on my router i've, 1 isolated port (VLAN) connected to a managed switch, capable of VLAN's (isolated ports) and all my smart (IoT) devices are connected there... You can also do it on you router with VAP (virtual WiFI) situated on a isolated bridge....so all devices that use that WiFI will be isolated from the rest of the network...

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 45711 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 45820 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 45711 BS AP,NAT,AD/Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 45735 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 45735 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,VLAN's,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
d0ug
DD-WRT Guru


Joined: 31 Jul 2015
Posts: 846

PostPosted: Sat Nov 28, 2020 2:54    Post subject: Reply with quote
Probably not without breaking the entire functionality of the device if it requires internet access to function. There are no assigned ports for "AI" like most stuff these days its probably all APIs running over https. Your best bet if it will work without internet just don't plug it in or associate it with your wifi. If it won't work without internet then find a device that will work without internet.
lexridge
DD-WRT User


Joined: 07 Jun 2006
Posts: 363
Location: WV, USA

PostPosted: Tue Dec 01, 2020 23:05    Post subject: Reply with quote
d0ug wrote:
Probably not without breaking the entire functionality of the device if it requires internet access to function. There are no assigned ports for "AI" like most stuff these days its probably all APIs running over https. Your best bet if it will work without internet just don't plug it in or associate it with your wifi. If it won't work without internet then find a device that will work without internet.


Well that being the key. If anyone is concerned about their privacy, simply don't buy cloud based devices. The worst offenders seem to be cameras, Amazon and Google products. Using HABridge + Home Assistant + Alexa may help alleviate some of that pain, but probably not enough. and buying only devices that are not cloud dependant is also a saviour if your Internet goes offline too.

_________________
Linksys EA8500 (Internet Gateway, AP) - DD-WRT r44719
Netgear R6250 (AP, VAP) - DD-WRT r44772
Linksys EA8500 (Gateway Backup) - DD-WRT r44236
Features in use: Samba, OpenVPN, WireGuard, Entware for Mosquitto
Member #248
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum