What did a IoT device do on my network?

In May, I bought a tiny device that runs Linux. It comes as a board, but I bought the whole kitan enclosure, a screen/button addon, and a neat aluminum case. It also came with a 16gb microSD card containing some variant (ish?) of what I think is the software that runs Raspberry PIs.

The reason I'm buying it is actually to read via USB, a device that, using FM radio (yes really), reads the current usage and export for my 3kW solar installation (so I can upload it somewhere). The setup looks like this (I guess I'm currently using 205w):

The Linux device comes with a SSH server running with some known logins (admin, root, etc). I plugged it in, set it up, added a custom user account "sam" that has my standard shell setup. I went away.

Later:

Post a Comment: What was it doing?

Once I discovered it was uploading like crazy (the screenshot above is from the Google WiFi app), I disconnected the device.

What do you think it was doing? I have my own theories, and I'll isolate the device and find out for a follow-up post.

An Aside

I've not identified the device (because I don't want to imply that it came with malicious softwareunless it did, which I'll find out and let you know), but it's ostensibly actually pretty neat. It's a US$33 kit which:

• is USB powered
• has a 100mbit network port
• has two USB ports
• has a headphone jack
• has several programmable buttons and a tiny LCD display!

8