First thing I do when I get a smart appliance is scan it with nmap. This has revealed some interesting Easter eggs, like my Davis instruments air quality sensors having a local REST API.
Doing the usual scan against my GE washer and dryer shows that port 53 is listening. What could that be for? Is there a way I can at least query their status locally or something?
When I got the washer and dryer I was excited about the smart home features because getting an alert when my laundry is done or starting the washer remotely so the clothes are done when I get home are genuinely useful features. However, last time I checked the app none of that was available, so I just have these Trojan horses in my home spying on me with no benefit in exchange. Their app wanted my freaking mailing address when I signed up for their mandatory account, so the features mentioned above are the least they could offer in exchange for my digital soul. But I digress.
My fridge is in a similar situation. It commits the additional cardinal sin of ONLY being controllable via the app, with no on-board temp or filter status indicators whatsoever.
Set up a pihole on your network and add a few block lists. If your IoT appliances phone home at least you can block the traffic and monitor what things phone home.
As for buying appliances that are not smart, It takes extra effort and a trade-off in features.
For example, my toothbrush has Bluetooth in it. if I want a non-Bluetooth toothbrush I’d have to get a lower quality model because they simply don’t make one without it.
Most people buy whatever’s on sale, And considering how expensive home appliances are they usually put the expensive featured models on sale since there’s a bigger margin.
So if I wanted to get a basic one with less features, that’s not smart it would actually be more expensive because it will never go on sale.
pihole often doesn’t help, as many IoT devices either use their own DNS servers and ignore the one provided by your network, and sometimes even skip DNS completely and just connect to hardcoded IPs directly. Even blocking DNS at the firewall/router is getting more difficult with increasing use of DNS over HTTPS and custom DNS server IPs that aren’t in public lists. (I block all known DNS server IPs at my firewall, forcing any device to use my own DNS servers, but even that is not always completely effective)
It’s usually best to isolate IoT devices on VLANs with no internet access (blocked at the router/firewall) Although there are now even devices that can autonomously connect to external WiFi networks like Amazon Sidewalk, to gain internet access and bypassing any restrictions you might try to place on them…
Devices that connect to external wifi immediately gets the pliers and soldering gun treatment and a hole where their wifi chip used to be