Home Assistant. Offline smart home automation you can control.
Home doesn't have to be 100% dumb in 2023. But you have to do a little work for it.
Bonus: your smart home will be more capable and interconnected than any of the commercial smart home options because they are all busy trying to control the entire ecosystem and sue each other. (maybe Matter changes that but I'm not holding my breath)
Also for security cameras, connect them to something like a Synology NAS so you have the recordings locally and then configure a firewall to block the cameras from any internet access.
Viewing the cams remotely just means using a VPN to connect to your network and then connecting to the NAS.
It's possible to maintain privacy/control and still use modern tech.
One thing I would say is that the camera stream will hammer those disks. They will always be busy. I chose not to run this way and instead loaded up a W10 VM with Blue Iris. I have the vm on a dedicated VM server with raid1 SSDs.
My Synology has large disks and does other duties. That’s the main reason I didn’t want that extra I/O.
What ticks me off is a lot of the big box store brands of cameras don’t allow you to save locally - they don’t bother putting in the feature because then they couldn’t sell you a cloud storage subscription, or they just have the audacity to lock it behind a paywall so you have to pay a subscription to use your own damn hardware.
You can use Sonos speakers or any generic smart speaker that is not bound to a brand (like Google/Alexa).
Pro tip, Ikea smart speakers are rebranded Sonos at lower prices, and come hidden in all kinds of furniture forms.
However you don't need to wholesale jump to HA and lose voice. For $8 CAD I got the Nabu-casa HA cloud assistant and SSL proxy (portal to your home HA without need to punch holes in firewalls) and their cloud assistant integrates with Google or Alexa.
So you can tie everything together and then move things over to the HA ecosystem as you have time, eventually cutting the Google/Amazon limbs off.
It's really easy to control it with voice by basically replacing Google assistant on an android device. Look up the Wyoming Protocol interaction in Home Assistant
You supposedly can connect Google home/Alexa to Home Assistant but it's not for the faint of heart. I'm just starting this and it's not a weekend project. Might be a few days before it's up and running.
The main issue holding me back is that I don't want Amazon to link my house electronics to my actual account.
I set it up on its own VLAN and I'm starting to onboard it but hit a bump when it asked for my Amazon account credentials. So when I have some free time, I'm going to create a dummy Amazon account that will be used to control Alexa. Probably hook it up with a Privacy credit card set to burn after the first purchase with a limit of $5.
There is a plan to integrate these more tightly into Home Assistant, but it won't be for a while.
Google because they have the best voice control and I've already given them my data through Gmail, search, and for many years chrome. It's the one compromise I make because the product is good enough it's worth the cost to me. But if you don't want them having your data, your voice options are pretty limited.
Software developer. Having my home constantly phoning home to megacorporations sounds creepy, but more importantly, none of these smart home products solve a problem. They just add additional points of failure to appliances that have historically been sufficiently reliable.
Software developer. The frequency of stupid features that PMs request, followed by our urgency to implement it as fast as possible has opened up so many bugs and issues. Knowing that, why the hell would I want to open up potential failure to things I expect to work 100% of the time, like a toaster?
Software programmer. I have a Google Home running because I'm lazy af and like to be able to verbally turn on/off lights. I also use it to combat ADHD symptoms because saying "set an alarm" is less likely to distract me from what I'm doing than pulling out my phone is.
Smart lights solve a problem. I have LEDs with programmable scenes that I can swap to easily. I don’t have white light constantly on all times of the day.
Even better, have them on a timer and geofence like I do. When dusk falls, the lights turn on. When the last person leaves, all off. At 1am, all turn off except driveway lights. At dawn, all turn off. I never even interact with my lights anymore because they are automatic.
I can confirm. I don't want technology in my house I don't have full control over. All these "smart devices" that run through smartphone apps in the cloud can fuck themselves. The amount of access most people give these corporations into their lives is insane to me.
I really like the data - to see how weather and my activity influences temperature, air quality, network... I can absolutely see, just in the temperature data, when I get out of bed; air quality shows when I cook, exercise, open windows. Nobody who's not me needs that data, so all the sensors plug into an RPi or, at most, connect through zigbee/bluetooth. I can't even imagine what They can infer from Smart TV or wifi refrigerator, and cameras can fuck right off.
But I can see where, if you like the data but can't figure out how to manage it yourself, cloud devices could seem pretty attractive. Techno-magic and fun to be part of, and there's so many people saying that privacy just doesn't exist anymore. Probably people with an IoT security camera in their bedroom.
This post feels like more than just the privacy aspect. Every day I read about some connected devices going brick because they are no longer supported. Shit, my Roku 4 went brick because they need me to buy a Roku HD, and I suckered up. What're you going to do when your doors won't open because some company decides they don't want to support them, or worse they go under? I am not IT, but why would I want to come home from a day of answering tickets and have to reprogram some proprietary hardware so I can make dinner?
What're you going to do when your doors won't open because some company decides they don't want to
Do not worry my friend. On that day it will already have been decided that you are only licensing the ability to do so. They will put you in jail for opening your own door, and you'll have given them the legal right to do so in the EULA.
I'm reading Radicalized by Cory Doctorow and the first story haunts me most. (Although I have 1 more to go) He has warned against the IoT Torment Nexus which means "they" are already creating it.
Our refrigerator is over 20 years old. It's now obsolete according to the manufacturer. They recommend replacement over repair. I dread the day we can't bring it back from the dead.
I know some software engineers like that. Some of it is knowing that the companies that make iot devices don’t give a crap about security. Some of it is plain ol paranoia. Mechanical door locks can be picked; does that mean you invest in guard dogs? Crime is a thing but so is misanthropy. I think we should take reasonable precautions but believe that there are more good ppl than bad.
Mechanical door locks can be picked, but it must be done at the lock in plain view rather than at a distance sitting in a car while you do the majority of the work and then casually walking up and opening the door. Locks are more of an inconvenience than a deterrent, so it should be made as inconvenient as possible. Connecting them to the internet is the exact opposite of that.
But more realistically someone robbing your house is going to ring your doorbell to see if someone is home, then just walk around checking for unlocked windows.
In a meeting with a (business) customer regarding security precautions, my coworker had a great suggestion: we buy a mountain in Switzerland, build a bunker there for the servers and hire a private army for protection. The customer liked the idea...
And those locks cost hundreds a piece. A "there is a security system here" sign would do more useful work. And a locksmith will tell you that picking is what you try AFTER you just try bypassing the lock entirely. Aka shim the door or break a window. Exactly what a burglar will do if they really wanted in. You do know that your garage door can be disabled with a coathanger threaded inside and grabbing the release hook, right? Or a jack wedged under with a crowbar, right? Or your decorative gnome in the front yard thrown through a window? Locks are a deterrent.
Locks can be picked, but good locks require picking skills far beyond what the average break and entry will have. They can be drilled, but that's loud and increases the odds of being caught.
A software vulnerability can be triggered silently and will look like you're an expected guest.
They'll likely just smash the window in the back yard though so it's a moot point
It’s not just poor security that’s easily hackable, it’s mainly the unreliability and frustration of having to continue to work when you get home to fix your damn light switch because it doesn’t work because it got out of sync when the microwave is turned on. No thanks.
I've had roomies that were in IT, and generally most things weren't "smart" appliances. I think the fanciest thing they had was a plex server. We all know how insecure the IoT is.
I've also had non-IT roomies and yeah, they were putting up surveillance cameras and shit and being super-creepy with monitoring.
I once very, very quietly tried to wash a dish at 1am in the kitchen (and most roomies conclude I'm a ninja as I'm generally extremely quiet to anyone who isn't hyper-aware of noises already), and my roommate charged out trying to find the water leak.
I realized later she had some sort of monitoring alert on the water heater that woke her up, and because the house was dark because I didn't want to wake anyone up with lights so her cameras were dark too, she went into a panic instead of using her common sense. I'd accidentally evaded half her surveillance trying to be a considerate roomie while I washed something quietly in the dark and she lost her frickin' mind.
The guy I rent a room from has an app on his garage door that alerts him every time it opens so now I have to answer for it every time I fucking do anything in the garage (which is the quickest way for me to go in and out of the house). It's so annoying. I got home 15 minutes early the other day and had a text from him 5 minutes later asking if I got home early. Like... Yea, fuck off dude. I'm about to start going in and out via my window.
Yeah, same lady that freaked because the water heater kicked on at night also had that on her garage. She was absolutely monitoring coming and going by it.
I sometimes contemplate how easy it is for people to be stalker freaks and despair.
Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!
Programmers/Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.
firstdegreeliberty
Best part though?
Security technicians: *takes a deep swig of whiskey* I wish I had been born in the neolithic.
Nah, I have a bunch of stuff and couldn't care less. If someone wants in my home they'll take out a window. Nobody is zero daying their way past a lock 🤣
One of the most draining things about trying to look after privacy is the number of ways other people's choices undermine that.
I don't mean to dump on other people for those choices ... usually... but it's hard that the conveniences they take compromise the privacy that I like and that some others need more.
And what's the worst an internet connected thermostat could do, discomfort you to death? If someone got into my Google account past 2fa etc I'd have bigger worries.
For me it's more the privacy aspect. IOT devices tend to be network weak points. Things like Alexa constantly listening. I could see myself self hosting home assistant maybe in the future but none of the things smart devices enable are really a value add for me personally.
I think that example is probably the most serious one. If you live in regions that go to -40c you most definitely don't want your thermostat to just stop heating the house.
These iot software are usually minimum viable products with weak security. A zero day for them is far simpler than trying to get a zero day in windows.
For example, I had a friend that worked at one of these companies, that recently lost a lot of money, and while he was there they had their master keys in the git repo on GitHub. At this point they were well past a billion dollar valuation.
Keeping internet of shit devices on separate vlan is a good practice, but the apps on your phone still gather your data.
For the robot vacuum, when it breaks, you can look into Valetudo supported models. It's a firmware hack that kills the cloud component and exposes it through a local http server, works very well.
As for the dishwasher you could probably use a locally controlled smart socket with power monitoring to send a notification via home assistant when the power draw goes below certain threshold. Either zigbee/z-wave socket if you have other smart devices on these protocols, or a wifi tasmota device can work.
This may be a bit too far for some, but I believe we should keep our data safe, and if this is what it takes, then I am doing it.
Been in IT for 18 years. I have smart home stuff because I got tired of sitting down on the couch with my beer, queue popped for my game and then realizing I forgot to turn off the kitchen light. So yup, smart house, cameras, locks etc because it's fun. Can someone hack my house? Sure, but they could just as easily put a brick through the window and come in. A lot more people are qualified to do that than hack my voice controlled lights.
Lemmy in general has a hard-on for google/windows/non-Foss hate and extreme privacy :) Double edged sword imo, it's probably what makes lemmy great, but the whole shtick also becomes old fast :)
Personally I'll stick to my Google assistance, windows gaming pc and limited privacy (anonymity to a reasonable degree, almost no pictures of myself or my family on public social media).
it’s probably what makes lemmy great, but the whole shtick also becomes old fast :)
It's also what will make lemmy fail. Average users are pretty much bullied away back to Reddit. If you want Reddit to fail, you can't make the alternative a shittier more toxic place to be. Lemmy currently has ~30K active monthly users and dropping steadily.
Personally with that number dropping, I don't see many instances staying up, as it's not free to operate, and app developers will surely dwindle.
Lemmy is absolutely not a welcoming place if you are interested in anything other than public transit, linux, or FOSS. Lemmy will end up like VOAT. Lemmy may not be filled with child porn, fat hate, and trans hate like VOAT was, but Lemmy is definitely filled with extremists.
It's not what makes Lemmy great. It's paranoid Luddite nonsense. I mean if people want to live like that fine, but as an engineer with a properly secured home network I think it's obnoxious.
Similar. I take what I consider to be reasonable precautions... I have smarthome stuff but I stick with standards that work locally, or if I must look elsewhere then I aim for FOSS and/or reputable companies. I avoid social media, and avoid putting much of my Identity online.
Other than that... I dunno, we already live in the privacy post-apocalypse. It's unavoidable, someone is recording you in every store, some friend will inevitably post some picture of you on Facebook, you're going to have to deal with people who prefer WhatsApp over Signal or whatever. Just enjoy it and don't stress.
I'm an IT professional, specifically in infosec, and it's silly to go to those extremes. I have tons of smart home devices, and they're all perfectly secure since I run Home Assistant and block them from the internet with a firewall.
The good thing is that you don't need to know which ports to block. You just set your firewall up to deny by default and then start whitelisting the things you want to allow.
Even easier if you put your "smart" devices in a separate network, then it's just:
Allow traffic from home net to Internet
allow traffic from home net to iot-net
drop the rest
Now you can surf the internet, control your devices and they can't phone home
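The three rules from the comment above, written as an nftables ruleset; this is an added example, not something posted in the thread. It also spells out the one rule the summary leaves implicit: replies from IoT devices to connections the home net opened have to be accepted, otherwise "home net to iot-net" only works in one direction. The interface names, the table name `homefw`, and the router serving DHCP and DNS to the IoT segment are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example. Interface names are assumptions; adjust them to the router.
define WAN_IF  = "eth0"   # assumed: uplink to the ISP
define HOME_IF = "eth1"   # assumed: trusted home network
define IOT_IF  = "eth2"   # assumed: IoT network / VLAN interface

# Create-then-delete so the table is replaced atomically on every reload.
table inet homefw
delete table inet homefw

table inet homefw {
    chain forward {
        # Deny by default: anything not whitelisted below is dropped.
        type filter hook forward priority filter; policy drop;

        # Replies belonging to a connection an allowed rule already opened.
        # Without this, IoT devices could never answer the home net.
        ct state established,related accept
        ct state invalid drop

        # Allow traffic from home net to Internet
        iifname $HOME_IF oifname $WAN_IF accept

        # Allow traffic from home net to iot-net
        iifname $HOME_IF oifname $IOT_IF accept

        # Drop the rest. New connections started by IoT devices (to the
        # Internet or to the home net) fall through to the policy; count
        # them and log a rate-limited sample first.
        iifname $IOT_IF counter limit rate 10/minute log prefix "iot-blocked: "
    }

    chain input {
        # Traffic addressed to the router itself, also deny by default.
        type filter hook input priority filter; policy drop;

        iifname "lo" accept
        ct state established,related accept
        ct state invalid drop

        # The home net may manage the router.
        iifname $HOME_IF accept

        # IPv6 neighbour discovery has to work on every segment.
        icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit } accept

        # Assumption: the router hands out DHCP leases and answers DNS for
        # the IoT segment. Nothing else on the router is reachable from it.
        iifname $IOT_IF udp dport { 53, 67 } accept
        iifname $IOT_IF tcp dport 53 accept
    }
}
# NAT towards the WAN interface is out of scope here and lives in its own table.
```

Check the file with `nft -c -f <file>` before loading it. The `iot-blocked:` lines in the kernel log then show which devices still try to phone home.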
you mean I don't need to have my toilet connected to the internet with a massive, gaping back door that could easily allow my entire network to be compromised, followed shortly thereafter my email and critical financial accounts?
Tbh...I feel in general people should protect more their internal networks as well... So even if one device gets compromised, the effects of it are limited.
The fears are a bit overblown anyway. If you use Google search, Amazon ordering, Facebook, Tik Tok, Instagram, an android phone, Gmail, or any website that runs ads... these companies know everything about you already.
And it's extremely unlikely that someone would use the vulnerabilities in smart home tech to do anything to any individual home. They have to specifically target your home, know what devices are on your network, know how to gain access to them and the internal network, somehow know how to get into a file server that almost nobody runs or get into a running desktop or laptop, and even then you have to have something worth stealing.
It's just... not going to happen.
An argument can absolutely be made to keep the smart IOT products away from corporate and government offices though.
True to some extent, but I think a lot of people give these firms too much credit.
Your microwave will not send your food heating data to NSA. At best the manufacturer uses it to see how people use their appliances.
Voice guided home assistants might send sound to servers for analysis, but even then it's just the stuff you actively sent to be used as a query. When they're listening for activation messages "passively", this data does not get sent outside of the device. This conception really bothers me as it really propagates an illusion that we've already lost and have no control.
There's no need to covertly spy when the biggest data is given voluntarily through the TikToks, Facebooks and Twitters of the world.
I have a couple Google Minis, and an OG Nest thermostat. I do what I can to minimize leaks of personal info, but face it, Google already knows almost everything about you unless you also still use a landline, and pay cash for everything.
I have some cameras and am getting a video doorbell, but those are self-hosted, not a Ring or anything. The video never leaves the house.
ALL that said, I absolutely refuse to get a smart Garage door opener or Door lock. I definitely draw the line at making physical access to my home available to the Internet.
Yeah, smart locks are scary to me. It may be the most secure thing ever but it is inevitable to have a flaw... And now the person has even more access, who knows what information a smart lock can leak...
Smart locks are also notoriously easy to bypass physically. They put a bunch of effort into software security and seemingly don't put any effort into the actual lock design.
Look I get it... But you should know your average lock... The one on your house can be picked faster than anyone can be bothered with to "hack" your lock.
The best home security is having a well lit front door and a visible camera pointing at someone (whether it's real or not).
After that, if someone wants in... They are coming in. Usually they'll try when you're not there and hopefully pictures and documents are stored / backed up in several locations. Rest of your shit insurance can replace.
This "I work in IT but I don't know how to mitigate risk" grandstanding kills me.
It's OK to not like home automation, but to claim it's because you're super knowledgeable but in a way that displays obvious ignorance kills me.
These people aren't more knowledgeable, they are either lazy, ignorant or just trying to justify why they don't like something in a way that makes them feel superior (see options one and two, but shittier personality).
I've been in tech my whole life, first in IT, now I'm a software developer and educated as an engineer. I have an IoT setup because it makes life easier, the security stuff also is a big time deterrent for would-be thieves. I know the stuff isn't super secure in itself but I don't get the paranoia, you tote your phone around everywhere, what do you think that's doing? Also, they only use your data to try to sell you shit, it's nothing nefarious and if it ever becomes so, it's time to dump everything and live in the woods.
For me, it's mostly the principle of the thing. It is none of a company's business what I do and where I go and what I buy, and the more smart devices you have, the more information they can gather.
You can't stop it, but personally, I see no reason to make it easy for them.
This is pretty much where I'm at. It's too difficult to fully stop data collection without having to live off the grid, but I sure as shit will block every single ad on my devices. So really they can collect as much data as they want but I won't let them use it to sell me their garbage.
Having a phone with you at all times and refusing to use tech in your house is like getting a super size big mac but saying you're healthy because you got a diet coke.
I too have a monitored home security system: Ring, but with no Ring cameras. I'm completely fine with it as I'm paying someone to essentially "watch my house" for me. I'm not concerned they can see door, motion, and glass break sensors.
But every other IoT device in my house is limited to the local network and controlled through Home Assistant. Not only is it far more secure and eliminates the privacy issues -- it's a better experience. Everything is integrated, automated exactly the way I want them to be, and controlled through a single app I configured to suit me.
$5 a month for a VPS running a wireguard VPN server gets me a secure, reliable connection between the app and home server.
As an engineer married to a programmer listen we all make our choices in convenience vs security. My loaded gun is aimed at my smart bulbs for when I decide they’ve been listening in on me. The wife doesn’t like that I bought them.
Man, the real problem with smart devices is that most of the time they don't listen to me. I can't count the times that I've had to repeat "Hey Google" 4 times, louder every time, until it finally hears me. And then starts playing music instead of turning off the lights.
In all seriousness I do agree though - it really is a balancing act between convenience and security.
I’m not too sure about that. I self host A LOT. Like far and away many more things than most people will and the amount of time and effort it takes to keep things working is minimal at most.
I have a "smart home" but all of those IoT devices are on an isolated VLAN with no WAN or ability to reach other VLANS. Only the necessary ports are exposed so that home assistant can see them.
The real challenge is finding devices that work without the need to phone home.
This is simply the best scenario, taking advantage of new technology, while not being exposed to its disadvantages.
Actually, this is how stuff should have been project, without the user having to intervene in order to be secure and not to be abused by corporations, but well...
I also didn’t give my stove the WiFi password to enable the ability to remotely burn down the house.
But yeah, I work in IT and avoid smart home and IoT stuff because it’s understood to be insecure and expected to have a shorter life than simpler tech.
Yeah gotta be awesome to get your whole house turned off because some dumb delivery guy thought he might have heard would be racist word via ring bell. Gotta love self entitlement of these "smart" corpos.
IT professional of 15 years here. I have all the smart home shit and I love it. It's all on a separate VLAN, I have MAC address filtering network-wide and I have a firewall. I understand being burnt out by your job and not wanting to deal with it when you get home, but I love my work and my smart home stuff is robust enough that all I ever have to do is replace alarm sensor batteries once or twice a year. You can have both.
I have very minimal smarts in my home. I'm jaded and over it all, and you can guarantee the shitty devs producing this stuff couldn't care less, while working for actively hostile mega-corps.
Fuck that. Having said that, there are compromises - my TV does get out to the internet and I have a win 11 PC in the lounge as the primary machine.
If I had the emotional energy I'd start fiddling with nessus or whatever the new flavour is, to confirm my suspicions but I just don't need the burnout
Unless you want to live like a luddite, you can find ways to have the best of both worlds.
As a fairly seasoned IT veteran I think it boils down to the tradeoffs between security, privacy, and convenience--just like at work. I'm sure most of us have implemented things in less secure ways to accommodate a business need. When you do that at work, you just try to mitigate that risk as best you can by putting other measures or controls in place. I do that at home.
Everyone's tradeoff decision will be different, but at some point, for me, the convenience of some IOT and smarthome devices outweighs the security and privacy concerns. Or at the very least I realized it's a weird hill to die on as we use our android phones, google for searches, gmail, instagram, etc. I am sure some of you have completely divested yourself of all of those services and have GrapheneOS installed on your phone and use OpenStreetMaps to get yourself lost. Most of us still use a few of those.
That said, I think the nerdiest and most security privacy savvy among us in the IT field can implement it in a fairly secure way. Pfsense, Ubnt, OPNsense, openwrt routers with vlan segregation for traffic. IDS/IPS, pihole local dns, etc. You can absolutely make it so devices only communicate in ways that you approve. With things like VPNs (tailscale), Cloudflare tunnels, etc you can access your stuff securely without exposing any admin things to the public web.
Digital locks are fine, just get one with a mechanical lock too. I have a digital lock on my front door that I can program with keycodes but it also has a key. I can give the cleaners a temp code if I need to. I can give my neighbors a code if they watch the house while I am away for a long time, then I can expire it when I return. The analogue alternative is arguably less secure.
That is basically my requirement for smarthome or connected devices. I need to be able to control it to a level that I feel comfortable and if it fails or isn't connected it still needs to work. IE no smart light switches that don't function if the wifi is down--they still need to be a switch. My nest thermostat still works without wifi. My smart plugs still work without wifi. If any of those things was hacked or compromised, they are completely segregated from anything of actual value on my network--and depending on the device it wouldn't be able to see anything else at all.
For major appliances, I don't see the value of any 'smart' features built in (yet), so I won't be buying them anytime soon but if I did they'd still have to meet the "still needs to work in 'dumb' mode" requirement--smart, connected features are extra not required to function.
I work in IT as well, specifically networking. The bottom of the stack.
I have built my home network to be better and more reliable than the networks I operate for my workplace.
The reason? Most high end network stuff is more or less set and forget. If you buy cheap stuff, like unmanaged switches and AIO wifi routers, you end up dealing with them a lot because they're not built to be reliable. The Cisco 3750E I use as the main switch in my house, had several years of uptime when I shut it down and moved house at the end of last year. It worked perfectly that entire time. After I tuned the Cisco aironet "WiFi 4" (802.11n) access points for that place, and got all the wireless networks set up with the right security and a complex password for my SSID, I didn't touch that either, and I didn't have to revisit the settings at all. The business grade firewall I was using was my most touched item, mainly in adjusting port forwarding and such. I replaced the off brand DSL modem from my ISP with a Cisco router to handle the physical WAN link and I never had to reboot a modem.
Sure, there were times that my internet went down, I'd log in to my Cisco router and see what's up, and usually the EHWIC-VA-DSL module would tell me that there's no carrier on the POTS line or something, which is not my problem. At most, I would reload the DSL module (I didn't have to reboot the router to do this) and it would resync, but even that was extraordinarily rare. I had a small stack of equipment in the corner of the bedroom we were using as an office, which almost none of it made any significant noise, and the only time there was a significant outage, was when I intentionally turned it all off to clean dust from the equipment and give it a deep cleaning (at that time it had gotten notably louder, but still not loud. The cleaning made it very quiet again).
DNS and DHCP have been the only real problems with this set up, as I'm running them both on raspberry Pi units, one does just DNS, the other does DNS and DHCP. I log in regularly to hit the update button and I don't do much more with it than that. I run my DNS this way because I use split DNS (to resolve specific internal domains over VPNs on my firewall), and DHCP is done this way because it's way easier and more reliable to manage them over webmin than using the Cisco or firewall interface.
I probably touch it for less than 10hrs over the year, and the most notable outage I had was when I involuntarily upgraded from a raspberry Pi (first gen) to the r.pi 3, when the SD card in my first pi died (it literally had a crack going through it) and I had no choice but to either repair or replace it, I temporarily turned on the DHCP on my firewall and set DNS for a public resolver until I could have two pi3 units sent to me with all the bells and whistles I needed (SD cards, cases, power adapters, etc), which is when I promptly rebuilt the system. Two pi3 replaced my single pi1, and the only non redundant part of it is DHCP right now.... So I try to keep a copy of my dhcpd config, just in case.
Everything runs on a UPS unit, and it's incredibly reliable.
I recently updated to using newer WiFi 5 (802.11ac wave 2) access points, and I moved to an updated controller (Cisco 2504), and I've been trying to work out the kinks in the system, not the least of which is that my access points aren't properly placed and mounted. That's been my only trouble recently and it's otherwise been a pretty solid system.
I've been using this, or some form of it, for at least 7 years, with minor improvements as I go. Namely the recent addition of the newer access points, and the replaced Pi's, but I also upgraded the 3750E to a 3750X when I moved, and I upgraded the firewall to a newer version of the same as I was using before.
I could talk about this all day if given the chance.... Yet people insist on their AIO wifi routers that may only last a couple years, and either die, or are obsolete enough that they're replaced. I don't think I've sunk more than $400 into this set up and it has run for 7-8 years and will continue to run for many many more.
Laugh all you want about my wifi 4/802.11n, but we had a 50mbps line at that location and the wifi significantly outpaced what the internet connection could do. It was always fast and responsive, and far more reliable than any other network I've managed.
Exactly this. All that whitebox shit running Tuya firmware will fight you to be controlled without access to their datacenters. Local-only protocols like ZigBee are alright. If it needs a WiFi connection, it needs to be totally local or running a firmware like ESPHome otherwise it's a return.
Don't they, like, network wirelessly with each other to reach your home network? That's a potential vulnerability at first, and when closed-source, a potential wireless backdoor into your home network.
Like phones do? This is how Find my iPhone works as well as many other mesh technologies in that arena.
This battle is already lost in that regard, though you can trust that it's very unlikely that someone passes by your house with an active smart plug switch or light bulb.
Your network is only as secure as its weakest link. IoT devices are a liability unless they are on their own isolated network, and who has the time to set that shit up to open their blinds from a phone?
Actually, I hadn't thought about the router and I'm panicking now. My router is some MR9600, and the speeds through it are great, but I feel like I overpaid for something that I can't install my own firmware on. I think my Pi-hole is the DHCP anyway, and now I'm really thinking I need to find a new router.
Have a look at MikroTik devices. OpenWRT images are actually kinda rare for them, but not because they're locked down (they're not) but because the included Linux with proprietary userland is very, very, neat: Those things administer like ISP-grade routers (which MikroTik also sells), not servers. No shell access, so if you want to run other shit on there make sure that there's an OpenWRT image, the hardware is definitely decent and well-priced.
You can buy some used mini-PC with reasonable CPU (i3-4150 handles Gigabit QoS with a lot of overhead) and USB-Ethernet connector with drivers supported by OpenWrt (e.g. something from TP-Link). With that and some used AP you'll have a setup cheaper and better than any "real" router.
My strategy is just be unpredictable af. Use FOSS as much as possible. Don't use Google services except maybe Google Maps. Make an active effort to decouple accounts. Treat phone number 2FA like the plague.
If someone spends more than 30 seconds loitering in my driveway, I get a picture message. If my garage door is opened I get a critical message. Then if my interior garage door is opened I get a different critical message.
If my garage door is left open for more than 30 minutes or any of my exterior doors are left open I get a message.
I get notifications when any particular user unlocks my front door and if someone fails to unlock it.
The only thing I have that's online that pisses me off is my microwave. It has a big clock on the face. When I moved in I said there's no fucking way I'm connecting that to the internet. Why invite trouble? So I went through its menu system and I set the time. The next day it was off by a minute. I figure, oh, I must have just caught it right at the end of the minute, it's probably just off a little bit. The next day it's off by 2 minutes, the next day just over 3 minutes. I go through the menus to see if there's some way to disable the clock; there's not. So I can either connect my microwave to the internet and let it get time, or forever have a wrong clock in my kitchen. The worst thing is it's not even using NTP where I could just give it that port and call it a day. It pulls its time by making a black box SSL connection back to its mothership.
I can confirm most of the people who say and believe this shit don't have a clue what they're talking about and just want to appear superior to others.
This is the correct answer. The bulb itself doesn't necessarily have to be FOSS. Really you just need bulbs operating on something other than wifi, and ideally without a proprietary hub. Hue bulbs can be made to run on ZigBee. Z-Wave bulbs also exist. Then controlling them should happen through HA. If it's just LED strips, ESP controlled ones are a great option.
Ikea has pretty good "smart" bulbs. They use Zigbee, so you don't need their controller. You can use a Raspberry Pi with a USB Zigbee antenna connected to it, and Home Assistant installed to give you all the features you would want, while keeping it 100% local.
Maybe. I'm in cyber security, people tell me I'm pretty decent at it. I have smart everything in my house, but I also use OPNsense in my hardware router, have a span port to Security Onion and laugh at the logs, repurpose old desktops as servers for media or whatever, keep most things local except for a few backups, and have battery/UPS backups for my intranet and critical systems.
Sr IT engineer here. I've somehow come full circle and now have an entire smarthome setup. It's running on an IoT network so it can't see my other devices, but I'm sure that some poor Amazon employee has to watch me walk around in my underwear from my robot vacuum camera. I just don't care anymore.
Please don't start a puppy mill and hitting your partner and shaming your kids. Staying away from too much tech is ok though. Not sure about having a horse, too much work and it is probably as expensive as buying ink for a printer. ;)
At some point, you just realize that in no project, there is enough budget to do even just mediocre security or correctness. And the few projects that actually require certifications for that, they rely on technology so old that it's hard to believe they'd actually fulfill these criteria either.
And then you realize that you're already considered an expensive expert. That companies try to further cut down on costs by outsourcing to basically untrained workers or, hell, LLMs.
I use ZWave with Home Assistant for every light switch and fan in my house. It integrates with Google Assistant, but not bound to it. Google's server connects to my Home Assistant device for control, not the other way around.
The most troublesome devices I have are some light+fan modules that use WiFi because they run on Tuya. There is really no other alternative and it fails all the time.
Avoid WiFi devices as much as possible, especially those that require Internet. Even Bluetooth is better.
Never use SmartThings. Samsung's AWS-based servers may go down in Europe and lock you out of control. They're just overall flaky to the point I've had to reverse engineer some protocols to control my previous home's mini-splits locally. My current Samsung fridge stops reporting to Home Assistant randomly and I've given up trying to maintain it.
DDI engineer here. I use smart home stuff. Fully kitted out locks, cameras, Google Home, smart lights, etc. That said, I also use pfSense, a DMVPN, and run a private caching name server. If someone hacks into my shit, then I deserve it and will learn from the experience. Also yes, I know the Google Home, smart TV, FBI, and the Zoroaster prophet are listening to me, and no, I don't care.
People seem to think there are hackers driving around using smart home tech to hack into private home networks... that's just not a thing.
And your internal network should not be exposed to the Internet, so there's no reason somebody should be able to hack into it from the outside because of a smart device phone home.
The privacy concerns are valid, but if you're concerned, you need to stop using the Internet. Because Facebook and Google ads already know everything about you.
Same for me. I counted how much I was printing in one year, realized that the ink was drying out because I do not print enough and just the cleaning cycle before printing wastes so much of the ink, not to mention the "I can't print black text because magenta is out". I now print at the copy shop. A bit less convenient, but it is their responsibility to make the stupid thing work and it is so so so much cheaper. Also I do not need a shotgun in the house anymore :D
According to whoever figured out the caloric count, there's something in the whiskey that gives an extra 20 calories per shot. The only alcohol that contains more alcohol for fewer calories than vodka is grain alcohol, and I don't need to be that drunk.
In the vodka, yeah. According to the FDA/ATF, whoever does the caloric testing, vodka has fewer calories than any other alcohol, for the amount of alcohol, with the exception of Everclear and other almost pure alcohols. I also don't need to be that drunk.
Mechanical lock manufacturers are a fucking clown show and the very concept is fundamentally flawed. I don't know if I hate it more than the IoT/cloud bullshit, but it's up there.
Mechanical locks CAN be designed well. If you put good security pins in there and have decent springs in them and make the exterior of the lock out of a good material they can be way more secure than any digital "smart" lock.
So can even the most superfluous IoT devices, though. It's just that they aren't.
they can be way more secure than any digital “smart” lock
Typical mechanical locks are fundamentally flawed. Think of it like this: They are opened by a short combination of digits, represented by the key. There is no lock-out mechanism if someone keeps trying to guess the combination, even if they try many per second and there is no user-friendly way of resetting the combination if it has been compromised.
The tolerances, even in good locks, have to be high enough to enable attackers to guess the combination digit by digit, not as a whole, significantly reducing the time needed to guess it. You can try to mitigate this a little with special pins and weird key ways, but it's ultimately a necessity, otherwise the lock would constantly fail to open or even break.
When you have a master-keyed system, the digits represented by the master key (the root password, essentially) will always be lower than or equal to any non-master key you find. This, too, can be exploited, allowing an attacker to safely derive a master key from any other key in the system.
Also, keys can be reproduced from photographs. That alone is a disastrous flaw. Just imagine the CVEs that would be written about the flaws above, and the manufacturer's response. "But you need skills for that" is never an excuse in the digital realm, it shouldn't be in the analog either.
Meanwhile a well-implemented digital lock has all the important components on the other side of the door, exposing only a contactless card reader to interact with. The cards or tokens aren't dumb data storage, they support public/private authentication, meaning they can not be copied by someone walking up to you with a high-powered reader. There is no port to connect to, no pins to jiggle, just a dumb NFC reader that you can't even open non-destructively.
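The contrast the comment above draws between a card that is dumb data storage and one that does public/private authentication, as an added example that is not part of the original thread: a static identifier is copied by a single read, while a Schnorr challenge-response token never reveals its key and a recorded session does not replay. All class and function names are hypothetical, and the group parameters (modulus 2^255 - 19, base 2) are an assumption chosen to keep it standard-library only; real tokens use a vetted elliptic-curve group inside a secure element.

```python
import secrets

# Illustrative parameters (assumption): prime modulus 2**255 - 19, base 2.
# Stdlib-only stand-in for the vetted elliptic-curve group a real token uses.
P = 2**255 - 19
G = 2
ORDER = P - 1          # exponents reduce mod P-1 by Fermat's little theorem

class StaticCard:
    """Dumb data storage: every reader is handed the same identifier."""
    def __init__(self, uid: bytes):
        self.uid = uid

class SchnorrCard:
    """Keeps private key x inside; only y = G^x mod P is ever exported."""
    def __init__(self):
        self._x = secrets.randbelow(ORDER - 1) + 1
        self.public_key = pow(G, self._x, P)
        self._r = None

    def commit(self) -> int:
        self._r = secrets.randbelow(ORDER)        # fresh nonce each session
        return pow(G, self._r, P)

    def respond(self, challenge: int) -> int:
        r, self._r = self._r, None                # a nonce is never reused
        if r is None:
            raise RuntimeError("commit() must precede respond()")
        return (r + challenge * self._x) % ORDER

class Lock:
    def __init__(self, enrolled_uid: bytes, enrolled_key: int):
        self.uid, self.key, self._pending = enrolled_uid, enrolled_key, None

    def open_static(self, uid: bytes) -> bool:
        return secrets.compare_digest(uid, self.uid)

    def challenge(self, commitment: int) -> int:
        # The challenge is drawn only after the commitment has been received.
        self._pending = (commitment, secrets.randbelow(2**128))
        return self._pending[1]

    def open_schnorr(self, response: int) -> bool:
        pending, self._pending = self._pending, None
        if pending is None:
            return False
        t, c = pending
        return pow(G, response, P) == (t * pow(self.key, c, P)) % P

def demo() -> dict:
    static, token = StaticCard(b"CONSTRUCTED-UID-0001"), SchnorrCard()
    lock = Lock(static.uid, token.public_key)
    clone = StaticCard(static.uid)                # one read copies the card
    t = token.commit()
    c = lock.challenge(t)
    s = token.respond(c)
    honest = lock.open_schnorr(s)
    lock.challenge(t)                             # recorded t and s replayed
    return {"clone_opens": lock.open_static(clone.uid),
            "token_opens": honest, "replay_opens": lock.open_schnorr(s)}
```

The replay fails because the lock draws a new 128-bit challenge for every session, so the recorded response no longer satisfies the verification equation.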
As an aside, I always got ragged on by my fellow coders for always doing things "the right way", but I tell you, every single time I tried to take a shortcut, there was the raptor.
It was a hard-earned lesson that stayed with me throughout my whole career.
15+ year sysadmin, I don't have smart home anything cause I don't want more shit to manage when I'm not working.
I barely touch my home network and servers cause I wait til something is obsolete or broken, then I replace with something that will have a long life and set it up to manage itself wherever possible. Some friends have really cool self hosted smart home setups and they like working on it as a hobby, not for me but I enjoy seeing them soldering boards for it and all that.
My security is simply not keeping anything important on my computer/phone so if anything goes wrong, it ain't no thing to just wipe the drives and start over from scratch.
We have only one "smart home" tool (except for our smart TV, smartphones and tablets). A Blink camera to watch the aquarium when we are on vacation (when we aren't it's not plugged in). When we went on a 3 week vacation this summer I unplugged the Fritz!Box router just before leaving, because "Ah, why leave it on?" Noticed it 300km later. I don't think we'll ever be a smart home.
I spent a chunk of change 7 years ago to get cameras, alarm system, smart garage door, smart lights, and some speakers and I haven't spent a penny since except for some little batteries for the alarm sensors. Not sure what you're on about.
Problem is most mechanical locks aren't very good either. See lock picking lawyer on YouTube. Plus, the weakest link in electronic infrastructure is often physical. I can't find it right now, but there are some pretty amusing red team videos on YouTube of various physical vulnerabilities. I think people know more about the shortcomings of their particular area, so are more likely to use the things they don't specialize in.
LPL's channel is basically teaching us to be aware of cheap, lousy locks that can be easily picked or, worse, bypassed, and thus prevent opportunistic theft, not that locks should be unpickable. A good electronic lock is just too unnecessarily expensive, and if people really want to get in, they will find another way, completely bypassing your expensive lock.
Yep, completely true for me at least. I have a colleague who has everything smart though, so it's certainly not everyone, but I keep my house intentionally as dumb as possible. The only household thing I have that is "smart" is my robot vacuum, but we hardly ever use it anymore because doing it with a good old fashioned vacuum cleaner is so much quicker.
Edit: I do have a smart TV as well, actually, but with Google Assistant and the microphone disabled.
My wife and I don't use smartphones but use Alexa devices. I'm not sure at what point convenience wins over the privacy I would want. Wish I had more time to work out better solutions. Sorta funny that in general younger folk tend to accept more than older given that older folk have less to lose. I mean the closer death is the less you need to worry much about what they are going to get off you.
I have no home automation stuff. My tech at home is a disconnected from the Internet wired home security camera.
Dd-wrt on the router.
The only real techy thing I have is a Pi-hole running on a Raspberry Pi. Other than that my house is dumb. I despise my smart TVs because I can't control them (webOS).
Can indeed confirm. I'm the first (tech enthusiast), slowly becoming the second. My dad is the second. He upgraded from windows 7 to windows 10 a few months ago. Like he knows tech, he just cbf about it. I was the first but then realized that smart home stuff is not worth it for my usecase.
I hate cable management less than I hate mice and keyboards running out of charge when I'm in the middle of using them. Why can't they come in pairs so that all I have to do is swap them out when they're flat?
The only reason I got rid of all of my smart home stuff (besides Google Home and ONE smart plug) was because of how unreliable that shit was. Not because of the "spying". Otherwise I might as well destroy my phone and unplug my internet line.
I'd ask Google to turn something on/off, and it wouldn't. Sometimes just straight up ignore me, or tell me it did it, but it didn't. Or when I'd tell it to turn something off and it would instead turn something else ON.
I just got to the point where I was screaming and getting angry all the time, and realized it's not worth it. I may be annoyed to get out of bed or walk downstairs to turn something off, but at least it's only momentarily, not an internal fucking rage.
It used to be great. They somehow got worse over the years. I tried using Home Assistant, but it just doesn't hit the same, especially since it doesn't fix the voice command problem. If I have to grab my phone to control stuff, I might as well just take a few steps, too.
The only smart plug I have left is to charge my eBike battery. Turns on when I plug it in, and turns off when it's charged.
You can't just shoot a printer if it makes "unexpected noise".
It's a printer for crying out loud. That's what it does.
I mean, my laser printer has pretty regular sound patterns and usually just does weird maintenance noises sometimes. But I remember the era when everyone had an inkjet, hoo boy, you tried to print a page and then there was a bunch of really incomprehensible noises and then you might get a printout, maybe.
There is way too much automation. Like, it's not healthy having a house that does everything and a car that literally drives you to where you want to go. People will have no sense of achievement because everything is already done for them.
I don't get much sense of achievement turning lights on and off manually. Do you? That's cool I guess. Programming my house to respond to my whims like the Enterprise computer does feel pretty fucking awesome though. I like driving my car, but if we can design a car to operate more safely and take the responsibility for managing a 2 ton death machine out of the hands of irresponsible idiots then I think that idea is worth consideration.
That's pretty ableist, since what you might see as "not healthy" literally provides someone else with access to the world around them and/or the ability to do things they were previously unable to.
Either way, the problem isn't automation, it's who is in control of, and profiting from, the automation and the information it collects.
Are you seriously asking me to send you the tumour they pulled out of my friend's head? Cuz they throw that stuff in the bin. Be better than this.
And for your own sake look up 123 classes of Bluetooth and its history. For YOUR own sake. Look after yourself. You're not my job. Btw you're welcome.