Don't let strangers in your network (IoT device === stranger)
We need a "my mom could use it" device that sets up some DMZs in the network.
Any new device that claims to be "smart" goes into a sandbox DMZ that allows you to get in and control it, but those devices are not allowed to get out, even to the internet. Possibly have one zone per device.
If you chose to trust a device move it to a DMZ that has more permissions, maybe internet access or maybe just access to other devices.
If it's not open source it's going to have to have a lot of trust before getting inside the zone where "my stuff" is.
Poorly designed devices may still be vulnerable to a wifi attack, but they can't serve as a gateway into your network.
Maybe instead of DMZs; using WPA-2 Enterprise, combined with a RADIUS server would work. (I'm not a network guy, just paranoid enough to learn)
True, this wont help with nefarious devices that you connect to the wrong zone, but that's a different issue anyway.
An administrator from the CNIL, France's independent data protection organization, will be charged with overseeing the process.
How do you pronounce CNIL? I'm going with
se·nile - ˈsēˌnīl,ˈsenīl adjective 1. (of a person) having or showing the weaknesses or diseases of old age, especially a loss of mental faculties. "she couldn't cope with her senile husband" synonyms: doddering, doddery, decrepit, senescent, declining, infirm, feeble;