some experiences with deny-by-default for IoT devices

The CIRALabs SHG project (https://www.cira.ca/labs/projects/cira-secure-home-gateway) has been trying to get our systems into the hands of 50+ in-house alpha testers, but the pandemic has set us back: sorting people's network plumbing without visiting their house is a challenge. There will always be someone with something that just isn't wired up right, and non-technical people don't want to screw with their setup when they need it for minute-by-minute school work, etc. (Ironically, our home routers probably make their network better if wired right.)

So, our team has been onboarding devices and letting our SPIN/SHG hybrid system do analysis of the devices to form filtering policies. We have learnt that this is harder than we'd like.

For instance, I got a $20 Globe Suite single outlet back in December. It's in green so that it will match your Xmas tree. https://globe-electric.com/en/product/globe-electric-wi-fi-smart-plug-no-hub...

Our system is set up to accept new devices online, but to drop traffic from them by default until the administrator says, "okay". The device wants to be put into onboarding mode by having a button held down for 5s; then it flashes fast, and it is supposed to be discoverable by the phone. I'm unclear if it gets discovered by BT or via 2.4GHz public frames. The app is repeatedly very specific: "Make sure you are on 2.4GHz WIFI". My app just could not discover my device despite repeated attempts. No obvious errors, just "not there"....

I went back to our SHG app, and saw that in fact a new device was now present. (Yes, there is a bug with delays with Notifications that we haven't figured out yet.) I then enabled access for this new device. NOW, I could onboard the device. Apparently, it attempts to join the WIFI, connect to the Internet, and connect to the cloud, and if anything fails, then everything fails, and the device appears to not even be found! That's terrible UI.
Now for the kicker: one might assume that the device is really controlled through the cloud then, right? So after plugging in a light to test it, and confirming I could turn it on and off with my phone, I turned wifi off on my phone and tried to control it via LTE. What's the latency that way? Infinite, as I don't think it can be controlled via the Internet. Yes, you can onboard it to Siri, Alexa, Google Home, and I imagine you can control it that way.

The device needs Internet to onboard, but doesn't apparently use it. Firmware updates? Maybe.

The onboarding fails in less than human reaction time, so I could never actually enable access for the device via any kind of UI!

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
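A small model of the interaction the post describes, added here as an illustration and not code from the SHG/SPIN project: a deny-by-default gateway that parks a newly seen device as pending and notifies the administrator, and an all-or-nothing onboarding sequence that reports "not found" as soon as the gateway drops its first upstream flow. The MAC address, the connectivity-check host and the vendor cloud name are constructed placeholders.

```python
from dataclasses import dataclass, field
from enum import Enum

class Admission(Enum):
    PENDING = "pending"   # seen on the LAN, upstream traffic dropped, admin notified
    ALLOWED = "allowed"   # administrator said "okay"

@dataclass
class Gateway:
    """Deny-by-default admission: unknown devices may join the network, but
    their upstream traffic is dropped until an administrator approves them."""
    admission: dict = field(default_factory=dict)
    notifications: list = field(default_factory=list)
    log: list = field(default_factory=list)

    def observe(self, mac: str) -> None:
        # First sighting: park the device and raise a notification for the admin app.
        if mac not in self.admission:
            self.admission[mac] = Admission.PENDING
            self.notifications.append(f"new device {mac} pending approval")

    def forward(self, mac: str, dest: str) -> bool:
        """Filtering decision for one upstream flow; records ALLOW or DROP."""
        self.observe(mac)
        allowed = self.admission[mac] is Admission.ALLOWED
        self.log.append((mac, dest, "ALLOW" if allowed else "DROP"))
        return allowed

    def approve(self, mac: str) -> None:
        self.admission[mac] = Admission.ALLOWED

PLUG = "aa:bb:cc:00:00:01"       # constructed MAC for the smart plug
CHECK = "connectivity-check.example"  # constructed Internet reachability target
CLOUD = "cloud.vendor.example"   # constructed placeholder for the vendor cloud

def onboard(gw: Gateway, mac: str = PLUG) -> dict:
    """All-or-nothing onboarding as the post describes it: join Wi-Fi, reach the
    Internet, register with the cloud. Any failure makes the app report the device
    as not found, even though the gateway has already seen and parked it."""
    steps = {"wifi": True}                      # association is local; always succeeds
    steps["internet"] = gw.forward(mac, CHECK)  # dropped while the device is pending
    steps["cloud"] = steps["internet"] and gw.forward(mac, CLOUD)
    return {"found": all(steps.values()), "steps": steps}

if __name__ == "__main__":
    gw = Gateway()
    print(onboard(gw))        # found False: gateway dropped the connectivity check
    print(gw.notifications)   # the admin app now lists the plug as pending
    gw.approve(PLUG)
    print(onboard(gw))        # found True once the administrator has approved it
```

Because the first attempt fails on its very first dropped flow, the approval in the admin app always arrives after the plug has already given up, which is the timing problem the post ends on.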