Can IT confirm?

Home Assistant. Offline smart home automation you can control.

Home doesn't have to be 100% dumb in 2023. But you have to do a little work for it.

Bonus: your smart home will be more capable and interconnected than any of the commercial smart home options because they are all busy trying to control the entire ecosystem and sue each other. (maybe Matter changes that but I'm not holding my breath)

Also for security cameras, connect them to something like a Synology NAS so you have the recordings locally and then configure a firewall to block the cameras from any internet access.
Viewing the cams remotely just means using a VPN to connect to your network and then connecting to the NAS.
It's possible to maintain privacy/control and still use modern tech.
- One thing I would say is that the camera stream will hammer those disks. They will always be busy. I chose not to run this way and instead loaded up a W10 VM with Blue Iris. I have the vm on a dedicated VM server with raid1 SSDs.
  My Synology has large disks and does other duties. That’s the main reason I didn’t want that extra I/O.
- What tics me off is a lot of the big box store brands of cameras don’t allow you to save locally - they don’t bother putting in the feature because then they couldn’t sell you a cloud storage subscription, or they just have the audacity to lock it behind a paywall so you have to pay a subscription to use your own damn hardware.
- Honestly I rarely use voice controls for my setup. It’s all time/motion triggers. Voice commands are for weird one offs.
- This is HomeAssistant’s year of the voice. It’s all built in now; they just released wake word capabilities.
- Google because they have the best voice control and I've already given them my data through Gmail, search, and for many years chrome. It's the one compromise I make because the product is good enough it's worth the cost to me. But if you don't want them having your data, your voice options are pretty limited.
- It's really easy to control it with voice by basically replacing Google assistant on an android device. Look up the Wyoming Protocol interaction in Home Assistant
- Not OP, but I use Google Assistant at the moment. Gonna switch as soon Home Assistant makes it possible.
- You can use Sonos speakers or any generic smart speaker that is not bound to a brand (like Google /Alexa)
  Pro tip, Ikea smart speakers are rebranded Sonos at lower prices, and come hidden in all kinds of furniture forms.
  However you don't need to wholesale jump to HA and lose voice. For $8 CAD I got the Nabu-casa HA cloud assistant and SSL proxy (portal to your home HA without need to punch holes in firewalls) and their cloud assistant integrates with Google or Alexa.
  So you can tie everything together and then move things over to the HA ecosystem as you have time, eventually cutting the Google/Amazon limbs off.
- You supposedly can connect Google home/Alexa to Home Assistant but it's not for the feint of heart. I'm just starting this and it's not a weekend project. Might be a few days before it's up and running.
  The main issue holding me back is that I don't want Amazon to link my house electronics to my actual account.
  I set it up on its own VLAN and I'm starting to onboard it but hit a bump when it asked for my Amazon account credentials. So when I have some free time, I'm going to create a dummy Amazon account that will be used to control Alexa. Probably hook it up with a Privacy credit card set to burn after the first purchase with a limit of $5.
  There is a plan to integrate these more tightly into Home Assistant, but it won't be for a while.
Ooh whenever I have the budget for this it looks amazing
- It can be a bit of work, but if you’re a tech geek you’ll enjoy shopping for / making compatible devices and getting it all set up.

Software developer. Having my home constantly phoning home to megacorporations sounds creepy, but more importantly, none of these smart home products solve a problem. They just add additional points of failure to appliances that have historically been sufficiently reliable.

Software developer. The frequency of stupid features that PMs request, followed by our urgency to implement it as fast as possible has opened up so many bugs and issues. Knowing that, why the hell would I want to open up potential failure to things I expect to work 100% of the time, like a toaster?
- Software programmer. I have a Google Home running because I'm lazy af and like to be able to verbally turn on/off lights. I also use it to combat ADHD symptoms because saying "set an alarm" is less likely to distract me from what I'm doing than pulling out my phone is.
Indeed. Like what is fridge? Motor with piston in a puddle of oil and a thermostat. Why the fuck it needs any corpo bullshit?
Smart lights solve a problem. I have LEDs with programmable scenes that I can swap to easily. I don’t have white light constantly on all times of the day.
- "Alexa! Switch to lighting configuration 'McLuvin'".
- Even better, have them on a timer and geofence like I do. When dusk falls, the lights turn on. When the last person leaves, all off. At 1am, all turn off except driveway lights. At dawn, all turn off. I never even interact with my lights anymore because they are automatic.

I can confirm. I don't want technology in my house I don't have full control over. All these "smart devices" that run through smartphone apps in the cloud can fuck themselves. The amount of access most people give these corporations into their lives is insane to me.

Agree. That's why I use ZigBee devices, they have their own offline network.
Softwares like Home Assistant are the only acceptable smart home solution.
I really like the data - to see how weather and my activity influences temperature, air quality, network... I can absolutely see, just in the temperature data, when I get out of bed; air quality shows when I cook, exercise, open windows. Nobody who's not me needs that data, so all the sensors plug into an RPi or, at most, connect through zigbee/bluetooth. I can't even imagine what They can infer from Smart TV or wifi refrigerator, and cameras can fuck right off.
But I can see where, if you like the data but can't figure out how to manage it yourself, cloud devices could seem pretty attractive. Techno-magic and fun to be part of, and there's so many people saying that privacy just doesn't exist anymore. Probably people with an IoT security camera in their bedroom.

This post feels like more than just the privacy aspect. Every day I read about some connected devices going brick because they are no longer supported. Shit, my Roku 4 went brick because they need me to buy a Roku HD, and I suckered up. What're you going to do when your doors won't open because some company decides they don't want to support them, or worse they go under? I am not IT, but why would I want to come home from a day of answering tickets and have to reprogram some proprietary hardware so I can make dinner?

thats why the F in FOSS means free as in freedom
Even worse than your doors getting stuck closed: your vision disappears.
I'm reading Radicalized by Cory Doctorow and the first story haunts me most. (Although I have 1 more to go) He has warned against the IoT Torment Nexus which means "they" are already creating it.
Our refrigerator is over 20 years old. It's now obsolete according to the manufacturer. They recommend replacement over repair. I dread the day we can't bring it back from the dead.
What're you going to do when your doors won't open because some company decides they don't want to
Do not worry my friend. On that day day it will already have been decided that you are only licensing the ability to do so. They will put you in jail for opening your own door, and you'll have given them the legal right to do so in the EULA.

I know some software engineers like that. Some of it is knowing that the companies that make iot devices don’t give a crap about security. Some of it is plain ol paranoia. Mechanical door locks can be picked does that mean you invest in guard dogs? Crime is a thing but so is misanthropy. I think we should take reasonable precautions but believe that there are more good ppl than bad.

Mechanical door locks can be picked, but it must be done at the lock in plain view rather than at a distance sitting in a car while you do the majority of the work and then casually walking up and opening the door. Locks are more of an inconvenience than a deterrent, so it should be made as inconvenient as possible. Connecting them to the internet is the exact opposite of that.
- But more realistically someone robbing your house is going to ring your doorbell to see if someone is home, then just walk around checking for unlocked windows.
- I think CGP Grey has a video about this concept. It's not so much that a mechanic lock is better or more secure.
  It's more that it takes one person $x seconds to break into one lock.
  That's very different than allowing a million people the opportunity to break your digital lock millions of times.
- And my smart lock alerts me when someone unlocks it. Sure it could be hacked, but it is more likely that someone will just kick the door open.
In a meeting with a (business) customer regarding security precautions, my coworker had a great suggestion: we buy a mountain in ~~Switcherland~~ Switzerland, build a bunker there for the servers and hire a private army for protection. The customer liked the idea...
- Is Switcherland on the Ethernet continent?
- Bahnhof has a data centre in Stockholm like that - lots of ex-military bunkers around.
actually good mechanical door locks can only be picked by a handful of people in the world with special tools most of whom are locksmiths
- the word "picked" does a lot of heavy lifting here.
  Most professional thieves won't care about damaging your lock. It's called "breaking" and entering for a reason.
- And a properly secured network can’t be compromised by some amateur thief sitting in their car. Point was that foolproof security is a fantasy.
- And those locks cost hundreds a piece. A "there is a security system here" sign would do more useful work. And a locksmith will tell you that picking is what you try AFTER you just try bypassing the lock entirely. Aka shim the door or break a window. Exactly what a burglar will do if they really wanted in. You do know that your garage door can be disabled with a coathanger threaded inside and grabbing the release hook, right? Or a jack wedged under with a crowbar, right? Or your decorative gnome in the front yard thrown through a window? Locks are a deterrent.
But if my printer ever laughs at my bad jokes I’m keeping my hammer ready, just in case.
It’s not just poor security that’s easily hackable, it’s mainly the unreliability and frustration of having to continue to work when you get home to fix your dam light switch because it doesn’t work because it got out of sync when the microwave is turned on. No thanks.
Locks can be picked, but good locks require picking skills far beyond what the average break and entry will have. They can be drilled, but that's loud and increases the odds of being caught.
A software vulnerability can be triggered silently and will look like you're an expected guest.
They'll likely just smash the window in the back yard though so it's a moot point

There is always a relevant XKCD

Wow. Now I can show it to old ladies who don't know english and live near me when they will mention ДЭГ.

The idea of a smart home? Fck yeah. Having it connected to some elses computer (cloud), fck no!

Having a home server only accessible by tailscale vpn, smart vacuum cleaner connected to it, not exposed to the internet, oh boy i love it!

And: having it locked to the manufacturer('s software), fuck no! Brand does not participate in standardisation? Fuck no!
Im actually ok with having it on s.o. elses computer if this applies.
Oh also: App that flicks a switch cannot be run on potato based system that uses more than an LED would to run, fuck no!

I've had roomies that were in IT, and generally most things weren't "smart" appliances. I think the fanciest thing they had was a plex server. We all know how insecure the IoT is.

I've also had non-IT roomies and yeah, they were putting up surveillance cameras and shit and being super-creepy with monitoring.

I once very, very quietly tried to wash a dish at 1am in the kitchen (and most roomies conclude I'm a ninja as I'm generally extremely quiet to anyone who isn't hyper-aware of noises already), and my roommate charged out trying to find the water leak.

I realized later she had some sort of monitoring alert on the water heater that woke her up, and because the house was dark because I didn't want to wake anyone up with lights so her cameras were dark too, she went into a panic instead of using her common sense. I'd accidentally evaded half her surveillance trying to be a considerate roomie while I washed something quietly in the dark and she lost her frickin' mind.

The guy I rent a room from has an app on his garage door that alerts him every time it opens so now I have to answer for it every time I fucking do anything in the garage (which is the quickest way for me to go in and out of the house). It's so annoying. I got home 15 minutes early the other day and had a text from him 5 minutes later asking if I got home early. Like... Yea, fuck off dude. I'm about to start going in and out via my window.
- Yeah, same lady that freaked because the water heater kicked on at night also had that on her garage. She was absolutely monitoring coming and going by it.
  I sometimes contemplate how easy it is for people to be stalker freaks and despair.
- He’s not as advanced as he thinks he is. I have the same setup for my garage but I also have a camera in the garage that shows who is in the garage.
- Why are you entering/leaving the house through the garage? That seems odd to me.
You must've felt like Batman lol

I use Home Assistant, but none of my “smart-things” is cloud-based, so it all runs locally. Which also makes it much faster and reliable.

I work in IT which is the reason: I self-host my smart home crap with strict firewall between it and my home assistant server.

Image Transcription: Social Media

🖖 Jochen Mader 🇪🇺

I work in IT, which is the reason our house has:

mechanical locks
mechanical windows
routers using OpenWRT
no smart home crap
no Alexa/Google Assistant/...
no internet connected thermostats

association-of-free-people

🤔

elpatron56

Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!

Programmers/Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.

firstdegreeliberty

Best part though?

Security technicians: takes a deep swig of whiskey I wish I had been born in the neolithic.

Good human
- Thanks :3. I think its the first transcription I've done on Lemmy.
legend

as engineer with almost 6 years of experience: 90% of people in general don't give a damn, persoanlly I'm like that

Been in IT for 18 years. I have smart home stuff because i got tired of sitting down on the couch with my beer, que poped for my game and then realizing i forgot to turn off the kitchen light. So yup, smart house, cameras, locks etc because it's fun. Can someone hack my house? Sure, but they could just as easily put a brick through the window and come in. A lot more people are qualified to do that than hack my voice controlled lights.
- As long as everything is local and doesn't rely on the cloud it's generally fine. Hell, I'm making my own voice assistant so it doesn't need the cloud
- Imagine making your own protocol for smart house before it was mainstream.
Lemmy in general has a hard-on for google/windows/non-Foss hate and extreme privacy :) Double edged sword imo, it's probably what makes lemmy great, but the whole shtick also becomes old fast :)
Personally I'll stick to my Google assistance, windows gaming pc and limited privacy (anonimity to a reasonable degree, almost no pictures of myself or my family on public social media).
Life is quite stress-free that way tbh :)
- it’s probably what makes lemmy great, but the whole shtick also becomes old fast :)
  It's also what will make lemmy fail. Average users are pretty much bullied away back to Reddit. If you want Reddit to fail, you can't make the alternative a shittier more toxic place to be. Lemmy currently has ~30K active monthly users and dropping steadily.
  Personally with that number dropping, I don't see many instances staying up, as it's not free to operate, and app developers will surely dwindle.
  Lemmy is absolutely not a welcoming place if you are interested in anything other than public transit, linux, or FOSS. Lemmy will end up like VOAT. Lemmy may not be filled with child porn, fat hate, and trans hate like VOAT was, but Lemmy is definitely filled with extremists.
- It's not what makes Lemmy great. It's paranoid Luddite nonsense. I mean if people want to live like that fine, but as an engineer with a properly secured home network I think it's obnoxious.
- Similar. I take what I consider to be reasonable precautions... I have smarthome stuff but I stick with standards that work locally, or if I must look elsewhere then I aim for FOSS and/or reputable companies. I avoid social media, and avoid putting much of my Identity online.
  Other than that... I dunno, we already live in the privacy post-apocalypse. It's unavoidable, someone is recording you in every store, some friend will inevitably post some picture of you on Facebook, you're going to have to deal with people who prefer WhatsApp over Signal or whatever. Just enjoy it and don't stress.

I like that my dishwasher tells me when it's done via app, and I can't live without my robot vacuum cleaner.

Still, they're on a separate vlan so if they get infected, the malware will look around like the John Travolta meme.

Keeping internet of shit devices on separate vlan is a good practice, but the apps on your phone still gather your data.
For the robot vacuum, when it brakes, you can look into valetudo supported models. It's a firmware hack that kills the cloud component and exposes it through a local http server, works very well. As for the dishwasher you could probably use a localy controlled smart socket with power monitoring to send a notification via home assistant when the power draw goes below certain threshold. Either zigbee/z-wave socket if you have other smart devices on these protocols, or a wifi tasmota device can work.
This may be a bit too far for some, but I believe we should keep our data safe, and if this is what it takes, then I am doing it.
- valetudo
  oh that's great, never heard of it before. Thank you for throwing me into another rabbit hole! :)

I've been in tech my whole life, first in IT, now I'm a software developer and educated as an engineer. I have an IoT setup because it makes life easier, the security stuff also is a big time deterrent for would-be thieves. I know the stuff isn't super secure in itself but I don't get the paranoia, you tote your phone around everywhere, what do you think that's doing? Also, they only use your data to try to sell you shit, it's nothing nefarious and if it ever becomes so, it's time to dump everything and live in the woods.

For me, it's mostly the principle of the thing. It is none of a company's business what I do and where I go and what I buy, and the more smart devices you have, the more information they can gather.
You can't stop it, but personally, I see no reason to make it easy for them.
- Why can't you stop it? LineageOS for your phone, Linux at home, cash at stores.
  People can stop them, and it's not actually that hard.
Having a phone with you at all times and refusing to use tech in your house is like getting a super size big mac but saying you're healthy because you got a diet coke.
- You can control what your phone does too, so there's no need to give up on it all just because a phone is in your pocket.
  As others have mentioned in this thread - AOSP roms like GrapheneOS and LineageOS can do the trick.
Who controls your home, you or a large multi national corporation? It's not paranoia, if you run afoul of that corporation, in an account billing dispute or other minor thing they will not think twice about disabling your access to your house.
And if you destroy their property to get in your house? The police could very well arrest you, because it was you on video who broke into the house.
- Wait... How do you access your home?
This is pretty much where I'm at. It's too difficult to fully stop data collection without having to live off the grid, but I sure as shit will block every single ad on my devices. So really they can collect as much data as they want but I won't let them use it to sell me their garbage.
I too have a monitored home security system: Ring, but with no Ring cameras. I'm completely fine with it as I'm paying someone to essentially "watch my house" for me. I'm not concerned they can see door, motion, and glass break sensors.
But every other IoT device in my house is limited to the local network and controlled through Home Assistant. Not only is it far more secure and eliminates the privacy issues -- it's a better experience. Everything is integrated, automated exactly the way I want them to be, and controlled through a single app I configured to suit me.
$5 a month for a VPS running a wireguard VPN server gets me a secure, reliable connection between the app and home server.

Confirming the opposite here. Network is properly separated and locked down. IoT devices do their thing while I enjoy all the benefits.

IoT devices are still tracking and reporting on you and your family.
- For me, they could be trying to report on it, but the firewall blocks them from the internet.
- Well not if the network is properly separated, that way they can't ever access the public internet, right?
- True to some extent, but I think a lot people give these firms too much credit.
  Your microwave will not send your food heating data to NSA. At best the manufacturer uses it to see how people use their appliances.
  Voice guided home assistants might send sound to servers for analysis, but even then it's just the stuff you actively sent to be used as a query. When they're listening for activation messages "passively", this data does not get sent outside of the device. This conception really bothers me as it really propagates an illusion that we've already lost and have no control.
  There's no need to covertly spy when the biggest data is given voluntarily through the TikToks, Facebooks and Twitters of the world.
Same. IOT vlan where they can’t talk to each other and can’t talk to the intranet unless the connection was established from the intranet

I'm an IT professional, specifically in infosec, and it's silly to go to those extremes. I have tons of smart home devices, and they're all perfectly secure since I run Home Assistant and block them from the internet with a firewall.

block them from the internet with a firewall.
Do they tell you in their manual what ports they work with, or is there a website that will let you know based on a product?
- The good thing is that you don't need to know which ports to block. You just set your firewall up to deny by default and then start whitelisting the things you want to allow.
  Even easier if you put your "smart" devices in a separate network, then it's just:
  Allow traffic from home net to Internet
  allow traffic from home net to iot-net
  drop the rest
  Now you can surf the internet, control your devices and they can't phone home
- You can isolate devices without having to figure out which ports they use.

You know what they say, the S in IoT stands for Security!

I'm in cyber and I don't give a shit, I have smart home stuff

I don't keep the secure stuff accessible to it though

The fears are a bit overblown anyway. If you use Google search, Amazon ordering, Facebook,Tik Tok, Instagram, an android phone, Gmail, or any website that runs ads... these companies know everything about you already.
And it's extremely unlikely that someone would use the vulnerabilities in smart home tech to do anything to any individual home. They have to specifically target your home, know what devices are on your network, know how to gain access to them and the internal network, somehow know how to get into a file server that almost nobody runs or get into a running desktop or laptop, and even then you have to have something worth stealing.
It's just... not going to happen.
An argument can absolutely be made to keep the smart IOT products away from corporate and government offices though.
- If you use Google search, Amazon ordering, Facebook,Tik Tok, Instagram, an android phone, Gmail
  Many people in our little privacy bubble don't though, so those worries are a bit more appropriate here
  (whoops, I thought this post was in a privacy-specific community)

In IT for almost 30 years.

I have a couple Google Minis, and an OG Nest thermostat. I do what I can to minimize leaks of personal info, but face it, Google already knows almost everything about you unless you also still use a landline, and pay cash for everything.

I have some cameras and am getting a video doorbell, but those are self-hosted, not a Ring or anything. The video never leaves the house.

ALL that said , I absolutely refuse to get a smart Garage door opener or Door lock. I definitely draw the line at making physical access to my home available to the Internet.

Yeah, smart locks are scary to me. It may be the most secure thing ever but it is inevitable to have a flaw... And now the person has even more access, who knows what information a smart lock can leak...
Look at a Tesla how poor the netcode is: https://youtu.be/OdzCTEPkCvI?si=1DGrY4hZ8k4p20ho
- Smart locks are also notoriously easy to bypass physically. They put a bunch of effort into software security and seemingly don't put any effort into the actual lock design.
- Look I get it... But you should know you're average lock... The one on your house can be picked faster than anyone can be bothered with to "hack" your lock.
  The best home security is having a well lit font door and a visible camera pointing at someone (whether it's real or not).
  After that, if someone wants in... They are coming in. Usually they'll try when you're not there and hopefully pictures and documents are stored / backed up in several locations. Rest of your shit insurance can replace.
  Start safe, but also live you're life my friends!

Home assistant for the win

This "I work in IT but I don't know how to mitigate risk" grandstanding kills me.
It's OK to not like home automation, but to claim it's because you're super knowledgeable but in a way that displays obvious ignorance kills me.
These people aren't more knowledgeable, they are either lazy, ignorant or just trying to justify why they don't like something in a way that makes them feel superior (see options one and two, but shitier personality).

Yeah gotta be awesome to get your whole house turned off because some dump delivery guy though he might have heard would be racist word via ring bell. Gotta love self entitlement of these "smart" corpos.

Not to mention :

stuff stops getting supported all of sudden
privacy concerns
subscriptions
handing over security to untrustworthy corpo

I'm sure there are more....

Confirmed.

When you understand how things work, you say no.

And not in my car too. Less crap to malfunction.

I have a train line up the road from me. It has warning lights and automatic barriers and there has never been an accident there as far as I know.

I work in IT so I look both ways before I cross it.

I saw a goods train speed by while barriers were up and no red lights, been checking for trains before crossing ever since

If you avoid cloud based systems and self host everything yourself, you can have all that fancy stuff just fine.

You just need a lot of time to keept it all working. However it is getting much better "mature" than what is was just few years ago.
- I’m not too sure about that. I self host A LOT. Like far and away many more things than most people will and the amount of time and effort it takes to keep things working is minimal at most.
How can we help those who don't have enough knowledge to self-host?
- They can listen to the Selfhosted Podcast or Selfhostcast
  Visit beginner oriented self hosted blogs like https://noted.lol/ and https://selfh.st/articles/
  Or get started building with an OS made to make self hosting a bit easier like UnRAID

As an engineer married to a programmer listen we all make our choices in convenience vs security. My loaded gun is aimed at my smart bulbs for when I decide they’ve been listening in on me. The wife doesn’t like that I bought them.

Man, the real problem with smart devices is that most of the time they don't listen to me. I can't count the times that I've had to repeat "Hey Google" 4 times, louder every time, until it finally hears me. And then starts playing music instead of turning off the lights.
In all seriousness I do agree though - it really is a balancing act between convenience and security.
- You're forgetting the 1/100 time where you say nothing and it decides to start listening.
  Glad I don't have any of that garbage around now.

I also didn’t give my stove the WiFi password to enable the ability to remotely burn down the house.

But yeah, I work in IT and avoid smart home and IoT stuff because it’s understood to be insecure and expected to have a shorter life than simpler tech.

I have a "smart home" but all of those IoT devices are on an isolated VLAN with no WAN or ability to reach other VLANS. Only the necessary ports are exposed so that home assistant can see them.

The real challenge is finding devices that work without the need to phone home.

This is simply the best scenario, taking advantage of new technology, while not being exposed to its disadvantages.
Actually, this is how stuff should have been project, without the user having to intervene in order to be secure nd not to be abused by corporations, but well...

Has OpenWRT but doesn't know how to stop smart home gear from leaking data?

Back to school for this fella

I'd argue that most simply cease to work once you cut their Internet access.
- Exactly this. All that whitebox shit running Tuya firmware will fight you to be controlled without access to their datacenters. Local-only protocols like ZigBee are alright. If it needs a WiFi connection, it needs to be totally local or running a firmware like ESPHome otherwise it's a return.
- This is exactly what I'm implying.
  Where internet access is concerned, deny all and whitelist. Not a single company can be trusted to not constantly call home with your data.
Don't they, like, network wirelessly with each other to reach your home network? That's a potential vulnerability at first, and when closed-source, a potential wireless backdoor into your home network.
- Like phones do? this is how Find my iPhone works as well as many other mesh technologies in that arena.
  This battle is already lost in that regard, though you can trust that it's very unlikely that someone passes by your house with an active smart plug switch or light bulb

just make sure the gun is not near the printer so it doesn't shoot you

Freelance IT tech here. I can totally relate to this.

There are selfhosted smart homes fyi

I prefer decentralized ones. Where you don't even need a server and can simply use service discovery protocols once you're in the same subnet.
- Both have their merits. But we can all agree that having a control server somewhere random outside of your control is a bad idea

IT professional of 15 years here. I have all the smart home shit and I love it. It's all on a separate VLAN, I have MAC address filtering network-wide and I have a firewall. I understand being burnt out by your job and not wanting to deal with it when you get home, but I love my work and my smart home stuff is robust enough that all I ever have to do is replace alarm sensor batteries once or twice a year. You can have both.

When you see how the sausage is made you don't want it. Software engineers know how many corners are cut

I have very minimal smarts in my home. I'm jaded and over it all, and you can guarantee the shitty devs producing this stuff couldn't care less, while working for actively hostile mega-corps.

Fuck that. Having said that, there are compromises - my TV does get out to the internet and I have a win 11 PC in the lounge as the primary machine.

If I had the emotional energy I'd start fiddling with nessus or whatever the new flavour is, to confirm my suspicions but I just don't need the burnout

Privacy in big tech is not driven with the mindset of "it's better for the user", but with "it's better to cover our ass legally".
- Except it isn't. Companies openly flagrantly get caught violating your privacy again, and again.
  And the legal cost to do so is always, ALWAYS LESS than the profit made violating your privacy.
  Privacy protection in America is dead.

IoT is terrible, and typically proprietary. I prefer the FOSS and SelfHosted route. But as it turns out, I too prefer a less online set of home items.

Can confirm. Technology is a disaster waiting to happen.

I work in IT as well, specifically networking. The bottom of the stack.
I have built my home network to be better and more reliable than the networks I operate for my workplace.
The reason? Most high end network stuff is more or less set and forget. If you buy cheap stuff, like unmanaged switches and AIO wifi routers, you end up dealing with them a lot because they're not built to be reliable. The Cisco 3750E I use as the main switch in my house, had several years of uptime when I shut it down and moved house at the end of last year. It worked perfectly that entire time. After I tuned the Cisco aironet "WiFi 4" (802.11n) access points for that place, and got all the wireless networks set up with the right security and a complex password for my SSID, I didn't touch that either, and I didn't have to revisit the settings at all. The business grade firewall I was using was my most touched item, mainly in adjusting port forwarding and such. I replaced the off brand DSL modem from my ISP with a Cisco router to handle the physical WAN link and I never had to reboot a modem.
Sure, there were times that my internet went down, I'd log in to my Cisco router and see what's up, and usually the EHWIC-VA-DSL module would tell me that there's no carrier on the POTS line or something, which is not my problem. At most, I would reload the DSL module (I didn't have to reboot the router to do this) and it would resync, but even that was extraordinarily rare. I had a small stack of equipment in the corner of the bedroom we were using as an office, which almost none of it made any significant noise, and the only time there was a significant outage, was when I intentionally turned it all off to clean dust from the equipment and give it a deep cleaning (at that time it has gotten notably louder, but still not loud. The cleaning made it very quiet again).
DNS and DHCP have been the only real problems with this set up, as I'm running them both on raspberry Pi units, one does just DNS, the other does DNS and DHCP. I log in regularly to hit the update button and I don't do much more with it than that. I run my DNS this way because I use split DNS (to resolve specific internal domains over VPNs on my firewall), and DHCP is done this way because it's way easier and more reliable to manage them over webmin than using the Cisco or firewall interface.
I probably touch it for less than 10hrs over the year, and the most notable outage I had was when I involuntarily upgraded from a raspberry Pi (first gen) to the r.pi 3, when the SD card in my first pi died (it literally had a crack going through it) and I had no choice but to either repair or replace it, I temporarily turned on the DHCP on my firewall and set DNS for a public resolver until I could have two pi3 units sent to me with all the bells and whistles I needed (SD cards, cases, power adapters, etc), which is when I promptly rebuilt the system. Two pi3 replaced my single pi1, and the only non redundant part of it is DHCP right now.... So I try to keep a copy of my dhcpd config, just in case.
Everything runs on a UPS unit, and it's incredibly reliable.
I recently updated to using newer WiFi 5 (802.11ac wave 2) access points, and I moved to an updated controller (Cisco 2504), and I've been trying to work out the kinks in the system, not the last of which is that my access points aren't properly placed and mounted. That's been my only trouble recently and it's otherwise been a pretty solid system.
I've been using this, or some form of it, for at least 7 years, with minor improvements as I go. Namely the recent addition of the newer access points, and the replaced Pi's, but I also upgraded the 3750E to a 3750X when I moved, and I upgraded the firewall to a newer version of the same as I was using before.
I could talk about this all day if given the chance.... Yet people insist on their AIO wifi routers that may only last a couple years, and either die, or are obsolete enough that they're replaced. I don't think I've sunk more than $400 into this set up and it has run for 7-8 years and will continue to run for many many more.
Laugh all you want about my wifi 4/802.11n, but we had a 50mbps line at that location and the wifi significantly outpaced what the internet connection could do. It was always fast and responsive, and far more reliable than any other network I've managed.

I work in retail, which is the reason why my house is shit.

Your network is only as secure as it's weakest link, IoT devices are a liability unless they are on their own isolated network and who has the time to set that shit up to open their blinds from a phone?

DDI engineer here. I use smart home stuff. Fully kitted out locks, cameras, Google home, smart lights, etc. that said, I also use pfsense, a dmvpn, and run a private caching name server. If someone hacks into my shit, then I deserve it and will learn from the experience. Also yes, I know the Google home, smart tv, FBI, and the Zoroaster prophet are listening to me, and no, I don't care.

People seem to think there are hackers driving around using smart home tech to hack into private home networks... that's just not a thing.
And your internal network should not be exposed to the Internet, so there's no reason somebody should be able to hack into it from the outside because of a smart device phone home.
The privacy concerns are valid, but if you're concerned, you need to stop using the Internet. Because Facebook and Google ads already know everything about you.

Goddamn right.

Actually, I hadn't thought about the router and I'm panicking now. My router is some MR9600, and the speeds through it are great, but I feel like I over paid for something that I can't install my own firmware on. I think my pi.hole is the DCHP anyway, and now I'm really thinking I need to find a new router

Have a look at mikrotik devices. OpenWRT images are actually kinda rare for them, but not because they're locked down (they're not) but because the included Linux with proprietary userland is very, very, neat: Those things administer like ISP-grade routers (which mikrotik also sells), not servers. No shell access, so if you want to run other shit on there make sure that there's an OpenWRT image, the hardware is definitely decent and well-priced.
You can buy some used mini-PC with reasonable CPU (i3-4150 handles Gigabit QoS with a lot of overhead) and USB-Ethernet connector with drivers supported by OpenWrt (eg. something from Tp-Link). With that and some used AP you'll have a setup cheaper and better than any "real" router.
I really like Asus routers with Asus Merlin if you want some extra features but don't need anything too crazy

IT since the 90's.

I have all those things and more, and 6 seperate VLAN's with isolation, strong rules, alerting and honeypots in all the right places.

Just to be able to turn the washing machine without walking to it?
- Most of my automations are practical.
  If someone spends more than 30 seconds loitering in my driveway, I get a picture message. If my garage door is opened I get a critical message. Then if my interior garage door is opened I get a different critical message.
  If my garage door is left open for more then 30 minutes or any of my exterior doors are left open I get a message.
  I get notifications when any particular user unlocks my front door and if someone fails to unlock it.
  The only thing I have that's online that pisses me off is my microwave. It has a big clock on the face. When I moved in I said there's no fucking way I'm connecting that to the internet. Why invite trouble? So I went through its menuing system and I set the time. The next day it was off by a minute I figure oh I must have just caught it right at the end of the minute it's probably just off a little bit. The next day it's off by 2 minutes the next day just over 3 minutes. I go through the men used to see if there's some way to disable the clock, there's not. So I can either connect my microwave to the internet and let it get time, or forever have a wrong clock in my kitchen. The worst thing is it's not even using NTP where I could just give it that port and call it a day, It pulls it's time by making a black box SSL connection back to its mothership.

My strategy is just be unpredictable af. Use FOSS as much as possible. Dont use google services except maybe google maps. Make an active effort to decouple accounts. Treat phone number 2fa like the plague.

Maybe. I'm in cyber security, people tell me I'm pretty decent at it. I have smart everything in my house, but I also use opnSense in my hardware router, have a span port to Security Onion and laugh at the logs, repurpose old desktops as servers for media or whatever, keep most things local except for a few backups, and have battery/UPS backups for my intranet and critical systems.

I have smart lights because I like the light to get warmer throughout the day but that's it, does anyone have a foss solution? Google is unhelpful.

Home assistant and its various alternatives
- This is the correct answer. The bulb itself doesn't necessarily have to be FOSS. Really you just need bulbs operating on something other than wifi, and ideally without a proprietary hub. Hue bulbs can be made to run on ZigBee. Z-Wave bulbs also exist. Then controlling them should happen through HA. If it's just LED strips, ESP controlled ones are a great option.
Easy difficulty: arduino + LED strip
Medium difficulty: cheapest stm32 + LED strip
Hard difficulty: cheapest chinese 8051 microcontroller + LED strip
Electric difficulty: timer relays + regular lightbulbs
Novichok: discrete logic + opamp + lots of passive components + LED strip
Soviet engieneering: discrete logic + opamp + lots of passive components + thyristors + light bulbs
- I was about to suggest photoresistors/photodiodes for the lolz. I must be a communist.
An inverted daylight detector with redstone lamp
Ikea has pretty good "smart" bulbs. They use zibee, so you don't need their controller. You can use a raspberry pi with a usb zigbee antenna connected to it, and Home Assistant installed to give you all the features you would want, while keeping it 100% local.
Dimmable light switch
- I said warmer not dimmer, plus that wouldn't be automatic.
- Doesn't affect bulb temp unless they're a very specific, not very good brand of bulbs that Tech Connections loves/hates.

I've known plenty of security admins who were bad at their jobs.

My entire family, 20+ people, multiple generations, are pretty much all CS/engineers. We all have smart home shit that depends on wifi etc.

Sr IT engineer here. I've somehow come full circle and now have an entire smarthome setup. It's running on a IoT network so it can't see my other devices, but I'm sure that some poor Amazon employee has to watch me walk around in my underwear from my robot vacuum camera. I just don't care anymore.

I’m one bad day away from going Amish.

Please don't start a puppy mill and hitting your partner and shaming your kids. Staying away from too much tech is ok though. Not sure about having a horse, too much work and it is probably as expensive as buying ink for a printer. ;)

Yes to all of the above

Once you see how its all a cash grab, really turns you off.

I spent a chunk of change 7 years ago to get cameras, alarm system, smart garage door, smart lights, and some speakers and I haven't spent a penny since except for some little batteries for the alarm sensors. Not sure what you're on about
- 7 years is a pretty short time. But as is obvious from your comment... you can easily see what I'm talking about lmao. What a disaster of a reply.
- Not sure what you’re on about
  It's literally on your reply

At some point, you just realize that in no project, there is enough budget to do even just mediocre security or correctness. And the few projects that actually require certifications for that, they rely on technology so old that it's hard to believe they'd actually fulfill these criteria either.

And then you realize that you're already considered an expensive expert. That companies try to further cut down on costs by outsourcing to basically untrained workers or, hell, LLMs.

I think of the cost. My smart home stuff gets hacked on it's own network and then? Oh no, you can turn my lights off

You avoid smart home crap because they're insecure.

I avoid smart home crap because i'm poor.

We're not the same.

Mechanical lock manufacturers are a fucking clown show and the very concept is fundamentally flawed. I don't know if I hate it more than the IoT/cloud bullshit, but it's up there.

Vodka, not whiskey. I don't need any extra calories

They should have the same amount of calories, given they have the same ABV.
- According to whomever figured out the caloric count, there's something in the whiskey that gives an extra 20 calories per shot. The only alcohol that contains more alcohol for less calories than vodka is grain alcohol, and I don't need to be that drunk
You do realize the calories come from the alcohol, right?
- Oh shit, what?
- In the vodka, yeah. According to the FDA/ATF whomever does the caloric testing, Vodka has fewer calories than any other alcohol, for the amount of alcohol, with the exception of Everclear, and other almost pure alcohols. I also don't need to be that drunk.

I use ZWave with Home Assistant for every light switch and fan in my house. It integrates with Google Assistant, but not bound to it. Google's server connects to my Home Assistant device for control, not the other way around.

The most troublesome devices I have are are some light+fan modules that use WiFi because they run on Tuya. There is really no other alternative and it fails all the time.

Avoid WiFi devices as much as possible, especially those that require Internet. Even Bluetooth is better.

Never use SmartThings. Samsung's AWS-based servers may go down in Europe and lock you out of control. They're just overall flaky to the point I've had to reverse engineer some protocols to control my previous home's mini-splits locally. My current Samsung fridge stops reporting to Home Assistant randomly and I've given up trying to maintain it.

There is way too much automation. Like, it's not healthy having a house that does everything and a car that literally drives you to where you want to go. People will have no sense of achievement because everything is already done for them

I don't get much sense of achievement turning lights on and off manually. Do you? That's cool I guess. Programming my house to respond to my whims like the Enterprise computer does feel pretty fucking awesome though. I like driving my car, but if we can design a car to operate more safely and take the responsibility for managing a 2 ton death machine out of the hands of irresponsible idiots then I think that idea is worth consideration.
Managing to get out of bed counts.
- ah, you're a project manager
Heaven forbid people get their sense of achievement through hobbies and art instead of the doldrums of survival.
- I have executive dysfunction so it's really hard to get myself to do things so I feel a sense of achievement when I do.
That's pretty ableist, since what you might see as "not healthy" literally provides someone else with access the world around them and/or the ability to do things they were previously unable.
Either way, the problem isn't automation, it's who is in control of, and profiting from, the automation and the information it collects.
Boy, it sounds like your life is real sad
lol
Does doing the dishes manually give you a sense of pride an accomplishment or something?
No, they're chores for me lmao. I'd gladly let something do these things for me and actually spend my time doing something more productive or fun.

Mostly true. I haven’t owned a printer since 2012.

Same for me. I counted how much I was printing in one year, realized that the ink was drying out because I do not print enough and just the cleaning cycle before printing wastes so much of the ink, not to mention the "I can't print black text because magenta is out". I now print at the copy shop. A bit less convenient, but it is their responsibility to make the stupid thing work and it is so so so much cheaper. Also I do not need a shotgun in the house anymore :D
- Yeah the way I see it a printer is just expensive clutter and frankly the walk to the library is probably good for me

Work IT. Can confirm given the current hackability state of both tech chips and human brains, I'd rather be in the cretaceous.

I mean, what's the worst that could happen?

As an aside, I always got ragged on by my fellow coders for always doing things "the right way", but I tell you, every single time I tried to take a shortcut, there was the raptor.
It was a hard-earned lesson that stayed with me throughout my whole career.
- It was a hard-earned lesson that stayed with me throughout my whole career.
  So you could say it's become a ( •_•)>⌐■-■
  hard-coded lesson. (⌐■_■)

Do you mean room level or "I'm at home" level?

I hate wireless tech

Except when it comes to desk utilities. God I hate cable management.

Am I shady for not wanting Jeff besos watching me take a dump it's ridiculous how we've gotten to the point that just because some people don't want mega corporations watching them relax in their home they are automatically suspicious of doing shady stuff like imagine if these companies were people would you feel comfortable with someone watching you shop sleep take a crap watch movies fr the only reason we are ok with this stocking is because the stocker is really far away using bugs that follow orders
- No, you're shady for writing a paragraph without finishing a single sentence!
I enjoy messing around with the home automation stuff but I'm using a raspberry pi and have a NAS, so essentially a local cloud. Nothing goes up to AWS or whatever

No, smart everything, Google everywhere.

Problem is most mechanical locks aren't very good either. See lock picking lawyer on YouTube. Plus, the weakest link in electronic infrastructure is often physical. I can't find it right now, but there are some pretty amusing red team videos on YouTube of various physical vulnerabilities. I think people know more about the shortcomings of their particular area, so are more likely to use the things they don't specialize in.

LPL's channel basically teaching us to be aware of cheap, lousy lock that can be easily picked or worst bypassed thus prevent opportunist theft, not that lock should be unpickable. Good electronic lock is just too unnecessarily expensive, and if people really want to go in, they will find another way, completely bypass your expensive lock.

I remember back when Bluetooth headphones were brand new as were the many head/ear tumours before they downgraded the signal to be less strong.

This is why I wait about 5 yrs after the test study subjects (tech enthusiasts) are still standing before I even chance a new technology

Do you have a link to something I can read about this bluetooth tumors thing?
- Are you seriously asking me to send you the tumour they pulled out of my friends head cuz they throw that stuff in the bin. Be better than this.
  And for your own sake look up 123 classes of Bluetooth and it’s history. For YOUR own sake. Look after yourself. You’re not my job. Btw you’re welcome.

15+ year sysadmin, I don't have smart home anything cause I don't want more shit to manage when I'm not working.

I barely touch my home network and servers cause I wait til something is obsolete or broken, then I replace with something that will have a long life and set it up to manage itself wherever possible. Some friends have really cool self hosted smart home setups and they like working on it as a hobby, not for me but I enjoy seeing them soldering boards for it and all that.

We have only one "smart home" tool (except for our smart TV, smartphones and tablets). A Blink camera to watch the aquraium when we are on vacation (when we aren't it's not plugged in). When we went on a 3 week vacation this summer I unplugged the Fritz!Box router just before leaving, because "Ah, why leave it on?" Noticed it 300km later. I don't think we'll ever be a smart home.

My security is simply not keeping anything important on my computer/phone so if anything goes wrong, it ain't no thing to just wipe the drives and start over from scratch.

The only reason I got rid of all of my smart home stuff (besides Google Home and ONE smart plug) was because of how unreliable that shit was. Not because of the "spying". Otherwise I might as well destroy my phone and unplug my internet line.

I'd ask Google to turn something on/off, and it wouldn't. Sometimes just straight up ignore me, or tell me it did it, but it didn't. Or when I'd tell it to turn something off and it would instead turn something else ON.

I just got to the point where I was screaming and getting angry all the time, and realized it's not worth it. I may be annoyed to get out of bed or walk downstairs to turn something off, but at least it's only momentarily, not an internal fucking rage.

It used to be great. They somehow got worse over the years. I tried using Home Assistant, but it just doesn't hit the same, especially since it doesn't fix the voice command problem. If I have to grab my phone to control stuff, I might as well just take a few steps, too.

The only smart plug I have left is to charge my eBike battery. Turns on when I plug it in, and turns off when it's charged.

Yep, completely true for me at least. I have a colleague who has everything smart though, so it's certainly not everyone, but I keep my house intentionally as dumb as possible. The only household thing I have that is "smart" is my robot vacuum, but we hardly ever use it anymore because doing it with a good old fashioned vacuum cleaner is so much quicker.

Edit: I do have a smart tv as well, actually, but with google assistant and the microphone disabled.

Can indeed confirm. I'm the first (tech enthusiast), slowly becoming the second. My dad is the second. He upgraded from windows 7 to windows 10 a few months ago. Like he knows tech, he just cbf about it. I was the first but then realized that smart home stuff is not worth it for my usecase.

Kind of, but with OPNsense for the router.

Can confirm.

I have no home automation stuff. My tech at home is a

disconnected from the Internet wired home security camera.

Dd-wrt on the router.

The only real techy thing I have is a pihole running a raspberry pi. Other than that my house is dumb. I despise my smart tvs because I can't control them (webos).

My wife and I don't use smartphones but use alexa devices. Im not sure at what point convenience wins over the privacy I would want. Wish I had more time to work out better solutions. Sorta funny that in general younger folk tend to accept more than older given that older folk have less to lose. I mean the closer death is the less you need to worry much about what they are going to get off you.

You can't just shoot a printer if it makes "unexpected noise".

It's a printer for crying out loud. That's what it does.

I mean, my laser printer has pretty regular sound patterns and usually just does weird maintenance noises sometimes. But I remember the era when everyone had an inkjet, hoo boy, you tried to print a page and then there was a bunch of really incomprehensible noises and then you might get a printout, maybe.

moved landline to Gvoice 15 years ago and set it to dnd. house phone never rings. get a transcript of any voicemail.

I think anyone with even rudimentary knowledge about computers would agree.

Yeah I am so awesome BTW I typed this on an Android smart phone /s

Coward.

Yes?