Category: Technology

I recently migrated from a 802.11b/g/n mesh network with a base and two satellites to two standalone 802.11a/b/g/n/ac/ax access points. The reason for going from mesh to a two separate standalone APs was due in part to housing downsize and separating IoT, guests, and questionable devices from my personal, trusted, devices.

Shortly after making the migration I started noticing frequent, but random disconnects on the 2.4GHz network on the IoT AP for about half a dozen devices. There are approximately 50 devices connected on this AP in total, so having 6 of them disconnect randomly seemed a bit odd. To make things even more interesting, these 6 devices would not automatically reconnect after they disconnect. Seems like a mystery is brewing, and I love a good mystery!

I started digging into the mystery by making sure the AP had the latest firmware (it did) and confirmed the configuration settings were correct (they were.) Then I tried to identify anything in common between the 6 devices (they were all TP-Link Kasa smart devices.) I thought maybe one of the Kasa devices were malfunctioning and started taking them offline one at a time. No dice! The problem persisted!

I continued my investigation trying various other things such as reducing the Wi-Fi protocol to only older ones and a bunch of other things. None of this really made much difference outside of slowing down the disconnect rate of the 6 devices.

Eventually I decided something else must be going on so I set up logging on the AP and had the logs shipped to a machine on my network that runs rsyslog. I went through the logs and discovered something that was not visible in the APs interface nor in the normal event logs: there was a unknown device attempting to connect about once per second but failing to complete the connection. Looking up the MAC address revealed that is was manufactured by “Tuya Smart Inc.”

Knowing the manufacturer didn’t really help that much other than tell me it was some sort of “smart” device. The next step was a process of elemination where I went throughout the house unplugging every smart device for a few minutes at a time by either unplugging them, which did not reveal the mystery device, or by turning the breakers off in the electrical box. I eventually narrowed things down to one room.

Once I began looking at what was present and plugged in, I realized there was a “smart” thermometer on the wall in this room. As it turns out, this thing has Wi-Fi, and was not connecting correctly. After removing the power (AC and batteries) the constant connection attempts on the AP completely stopped. The reason this went unnoticed for months was because I do not use the app associated with this “smart” thermometer, but my spouse occasionally does. Apparently she hadn’t used it for a few months to notice it wasn’t working any longer…

I ended up doing a factory reset on the “smart” thermometer, reconfigured it, and it has been behaving fine since (a few years now).

Mystery solved!

I stumbled on this video on youtube and am in love with it.

Cybersecurity is more crucial than ever, but have we reached the point where profit motives are overshadowing actual security concerns? The rise of influencer-driven content, aggressive marketing tactics, and paywalled education suggests that cybersecurity has at least entered the snake oil phase. We now see the focus shifting from technical content to selling solutions.

The Business of Fear-Based Marketing

Cybersecurity companies have perfected the art of fear-based marketing. They warn of devastating data breaches, ransomware attacks, and identity theft—only to offer their own product as the ultimate safeguard. This tactic isn’t entirely dishonest (threats do exist), but it often exaggerates risks to push unnecessary or overpriced security solutions.

The Sponsorship-Driven Cybersecurity Advice

Scroll through cybersecurity content on YouTube or social media, and you’ll notice a pattern—many creators consistently promote VPN services, password managers, or paid security courses. While some of these tools have value, the aggressive sponsorship model raises concerns about bias. Can cybersecurity influencers truly provide unbiased advice when their content is funded by the same companies whose products they review?

This is particularly problematic when creators recommend tools without properly assessing their effectiveness. The line between genuine security education and sales-driven endorsement is growing increasingly blurry.

The Paywall Problem in Cybersecurity Education

Cybersecurity education is essential, yet many platforms charge exorbitant fees for courses that may not justify their cost. Some influencers push their personal training programs while dismissing free or more affordable alternatives, creating a system where knowledge is gatekept behind expensive paywalls.

This trend forces aspiring professionals to either spend thousands of dollars on questionable courses or navigate cybersecurity on their own, often relying on fragmented free resources. While quality education certainly requires investment, the industry’s prioritization of profit over accessibility makes entry harder for those without financial means.

How to Navigate the Snake Oil Era

Despite the commercialization of cybersecurity, there are still ways to find valuable and trustworthy advice:

• Prioritize transparency: Look for creators who clearly disclose sponsorships and affiliations.
• Verify security claims: Research products independently and check expert reviews rather than relying on promotional videos.
• Seek community-driven knowledge: Open-source cybersecurity communities and government-backed initiatives often provide credible information without commercial bias.

Cybersecurity is a real and necessary industry, but it has undeniably entered a phase where marketing and profit motives sometimes overshadow genuine security concerns. Consumers and professionals alike must approach cybersecurity products, advice, and education with a healthy dose of skepticism.