It’s perfectly possible to have a smart home that does not call home. Home Assistant is an amazing piece of software that can allow smart devices from different manufacturers talk to each other without connecting to a cloud service — all done locally.
This is the only way I would go about it. Maybe in the future if I really want it but really, the more tech, the more vulnerabilities. I’m fine with manually turning things on and off even if it’s self hosted.
Unfortunately, no. Ultimately it’s a tiny computer that happens to produce light when a certain gpio pin is enabled. The light bulb is the portion you see, but inside, it’s an internet-connected microcontroller. I’ve even seen smart devices that internally run a full Linux distro complete with a shell session you can access if you know what you’re doing.
The problem is that some of these firmwares and/or exploits for these firmwares actively scan your local network and report things. Further, they can be used as a jumping off point for attacks deeper in your network.
You can have plenty of smart home stuff without this junk using stuff like home assistant and keeping devices like this from phoning home. Some products won’t work at all without an internet connection but plenty still do.
Ah yes to make your lights work, we need all your data. Stuff like this is why I don’t have “smart” anything.
It’s perfectly possible to have a smart home that does not call home. Home Assistant is an amazing piece of software that can allow smart devices from different manufacturers talk to each other without connecting to a cloud service — all done locally.
This is the only way I would go about it. Maybe in the future if I really want it but really, the more tech, the more vulnerabilities. I’m fine with manually turning things on and off even if it’s self hosted.
deleted by creator
Unfortunately, no. Ultimately it’s a tiny computer that happens to produce light when a certain gpio pin is enabled. The light bulb is the portion you see, but inside, it’s an internet-connected microcontroller. I’ve even seen smart devices that internally run a full Linux distro complete with a shell session you can access if you know what you’re doing.
The problem is that some of these firmwares and/or exploits for these firmwares actively scan your local network and report things. Further, they can be used as a jumping off point for attacks deeper in your network.
deleted by creator
And what about the zigbee hub, assuming you didn’t know enough to use homeassistant or some such?
Or a wifi bulb?
Point is, consumer smart electronics don’t have the same attention to security paid to them.
Fwiw, I’m not anti-smart device. I run HA and have all kinds of smart crap, so clearly I accept at least part of the risk.
But saying “it’s just a light bulb” is disingenuous as best.
deleted by creator
The LIFX bulbs announced your WiFi password to anyone who asked. This is not a breach of the bulb itself, it’s a gateway to your LAN.
deleted by creator
I don’t want to be annoyed
It opens up another vector for attacking other sensitive devices on my network. I haven’t segregated my network so I don’t feel safe doing this.
If i understand correctly this is Home Assistant saying that Hue is taking away that ability on devices people have already bought and installed.
That’s about the hue hub. The bulbs are still Zigbee and can be controlled 100% remotely with HA and a Zigbee dongle.
deleted by creator
You can have plenty of smart home stuff without this junk using stuff like home assistant and keeping devices like this from phoning home. Some products won’t work at all without an internet connection but plenty still do.