Home Assistant. Offline smart home automation you can control.
Home doesn’t have to be 100% dumb in 2023. But you have to do a little work for it.
Bonus: your smart home will be more capable and interconnected than any of the commercial smart home options because they are all busy trying to control the entire ecosystem and sue each other. (maybe Matter changes that but I’m not holding my breath)
Also for security cameras, connect them to something like a Synology NAS so you have the recordings locally and then configure a firewall to block the cameras from any internet access.
Viewing the cams remotely just means using a VPN to connect to your network and then connecting to the NAS.
It’s possible to maintain privacy/control and still use modern tech.
One thing I would say is that the camera stream will hammer those disks. They will always be busy. I chose not to run this way and instead loaded up a W10 VM with Blue Iris. I have the vm on a dedicated VM server with raid1 SSDs.
My Synology has large disks and does other duties. That’s the main reason I didn’t want that extra I/O.
What kind of SSDs? I hope you bought enterprise or you are going to get a nasty surprise in about a year…
Eh, even if your prediction came true, it is not so nasty if it happens. I have others and rebuilding is an inconvenience. I also have backups.
I went for the Crucial mx500 ones. They seemed to have the more positive reviews when I last checked. We will see.
I use Enterprise drives in mine set up with Synology Hybrid Raid and a full copy of the NAS on another “NAS” (it’s actually a USB attached storage from QNAP).
Also, set the video streams to h264 or h265 and the bandwidth is lower.
It’s been fine so far.
I’d you’re rich enough to own your own security cameras I think you can afford some hard drives.
That’s ridiculous. The disks were far more than the cameras. And why be wasteful of those costs I’ve already shouldered? I am as miserly as I can be when spending on my infrastructure.
If you can’t afford the disks I’m wondering how you can afford a house
But I mean, that’s the price of security cameras. You just gotta accept you will need to cycle disks every once in a while, and delete old data.
Why do you think I cannot afford more disks? Or a house? You incorrectly assume too much and seem unnecessarily argumentative.
I have already bought the disks and see no reason to work them overly hard for camera surveillance. I worked out another solution that others might be interested in. That’s what this thread is about.
Maybe I should have clarified a bit then, but
I really don’t see why you would need to own security cameras if you don’t own a house? If you’re renting that’s not your job, and if you live in an apartment… Well, why do you need security cameras in your apartment? Unless you own the building?
My point was mostly that like, a couple of disks is not a big expense, and not something I feel is worth fussing over, personally.
Perhaps he can afford things because he knows how to apply his knowledge to be more frugal with things like this. If you can work around disk lifespan limitations, you’d be wasteful not to do so.
What tics me off is a lot of the big box store brands of cameras don’t allow you to save locally - they don’t bother putting in the feature because then they couldn’t sell you a cloud storage subscription, or they just have the audacity to lock it behind a paywall so you have to pay a subscription to use your own damn hardware.
What do you use for a voice assistant/ speaker mic set up?
That’s the only thing holding me back. And the Mycroft stuff blew up. :(
Honestly I rarely use voice controls for my setup. It’s all time/motion triggers. Voice commands are for weird one offs.
This is HomeAssistant’s year of the voice. It’s all built in now; they just released wake word capabilities.
deleted by creator
Not OP, but I use Google Assistant at the moment. Gonna switch as soon Home Assistant makes it possible.
You can use Sonos speakers or any generic smart speaker that is not bound to a brand (like Google /Alexa)
Pro tip, Ikea smart speakers are rebranded Sonos at lower prices, and come hidden in all kinds of furniture forms.
However you don’t need to wholesale jump to HA and lose voice. For $8 CAD I got the Nabu-casa HA cloud assistant and SSL proxy (portal to your home HA without need to punch holes in firewalls) and their cloud assistant integrates with Google or Alexa.
So you can tie everything together and then move things over to the HA ecosystem as you have time, eventually cutting the Google/Amazon limbs off.
Thanks for this. I am going to look into it.
It’s really easy to control it with voice by basically replacing Google assistant on an android device. Look up the Wyoming Protocol interaction in Home Assistant
Google because they have the best voice control and I’ve already given them my data through Gmail, search, and for many years chrome. It’s the one compromise I make because the product is good enough it’s worth the cost to me. But if you don’t want them having your data, your voice options are pretty limited.
You supposedly can connect Google home/Alexa to Home Assistant but it’s not for the feint of heart. I’m just starting this and it’s not a weekend project. Might be a few days before it’s up and running.
The main issue holding me back is that I don’t want Amazon to link my house electronics to my actual account.
I set it up on its own VLAN and I’m starting to onboard it but hit a bump when it asked for my Amazon account credentials. So when I have some free time, I’m going to create a dummy Amazon account that will be used to control Alexa. Probably hook it up with a Privacy credit card set to burn after the first purchase with a limit of $5.
There is a plan to integrate these more tightly into Home Assistant, but it won’t be for a while.
Ooh whenever I have the budget for this it looks amazing
It can be a bit of work, but if you’re a tech geek you’ll enjoy shopping for / making compatible devices and getting it all set up.
Software developer. Having my home constantly phoning home to megacorporations sounds creepy, but more importantly, none of these smart home products solve a problem. They just add additional points of failure to appliances that have historically been sufficiently reliable.
Software developer. The frequency of stupid features that PMs request, followed by our urgency to implement it as fast as possible has opened up so many bugs and issues. Knowing that, why the hell would I want to open up potential failure to things I expect to work 100% of the time, like a toaster?
Software programmer. I have a Google Home running because I’m lazy af and like to be able to verbally turn on/off lights. I also use it to combat ADHD symptoms because saying “set an alarm” is less likely to distract me from what I’m doing than pulling out my phone is.
Indeed. Like what is fridge? Motor with piston in a puddle of oil and a thermostat. Why the fuck it needs any corpo bullshit?
Smart lights solve a problem. I have LEDs with programmable scenes that I can swap to easily. I don’t have white light constantly on all times of the day.
“Alexa! Switch to lighting configuration ‘McLuvin’”.
Hey Google, it’s sexy time
Even better, have them on a timer and geofence like I do. When dusk falls, the lights turn on. When the last person leaves, all off. At 1am, all turn off except driveway lights. At dawn, all turn off. I never even interact with my lights anymore because they are automatic.
I could, but I don’t operate within a time window. I like having my colored lights on when I’m gaming, but white when I’m working or cleaning, which could be after 5.
I could geofence them, but it’s difficult with a wife when we have different schedules. Don’t wanna be changing each other’s lights. Haha
I was more being rhetorical and speaking to how my lights are set up :)
I can confirm. I don’t want technology in my house I don’t have full control over. All these “smart devices” that run through smartphone apps in the cloud can fuck themselves. The amount of access most people give these corporations into their lives is insane to me.
Agree. That’s why I use ZigBee devices, they have their own offline network.
Softwares like Home Assistant are the only acceptable smart home solution.
I really like the data - to see how weather and my activity influences temperature, air quality, network… I can absolutely see, just in the temperature data, when I get out of bed; air quality shows when I cook, exercise, open windows. Nobody who’s not me needs that data, so all the sensors plug into an RPi or, at most, connect through zigbee/bluetooth. I can’t even imagine what They can infer from Smart TV or wifi refrigerator, and cameras can fuck right off.
But I can see where, if you like the data but can’t figure out how to manage it yourself, cloud devices could seem pretty attractive. Techno-magic and fun to be part of, and there’s so many people saying that privacy just doesn’t exist anymore. Probably people with an IoT security camera in their bedroom.
This post feels like more than just the privacy aspect. Every day I read about some connected devices going brick because they are no longer supported. Shit, my Roku 4 went brick because they need me to buy a Roku HD, and I suckered up. What’re you going to do when your doors won’t open because some company decides they don’t want to support them, or worse they go under? I am not IT, but why would I want to come home from a day of answering tickets and have to reprogram some proprietary hardware so I can make dinner?
thats why the F in FOSS means free as in freedom
Even worse than your doors getting stuck closed: your vision disappears.
What’re you going to do when your doors won’t open because some company decides they don’t want to
Do not worry my friend. On that day day it will already have been decided that you are only licensing the ability to do so. They will put you in jail for opening your own door, and you’ll have given them the legal right to do so in the EULA.
I’m reading Radicalized by Cory Doctorow and the first story haunts me most. (Although I have 1 more to go) He has warned against the IoT Torment Nexus which means “they” are already creating it.
Our refrigerator is over 20 years old. It’s now obsolete according to the manufacturer. They recommend replacement over repair. I dread the day we can’t bring it back from the dead.
Wow. Now I can show it to old ladies who don’t know english and live near me when they will mention ДЭГ.
I know some software engineers like that. Some of it is knowing that the companies that make iot devices don’t give a crap about security. Some of it is plain ol paranoia. Mechanical door locks can be picked does that mean you invest in guard dogs? Crime is a thing but so is misanthropy. I think we should take reasonable precautions but believe that there are more good ppl than bad.
In a meeting with a (business) customer regarding security precautions, my coworker had a great suggestion: we buy a mountain in
SwitcherlandSwitzerland, build a bunker there for the servers and hire a private army for protection. The customer liked the idea…Is Switcherland on the Ethernet continent?
I knew it was a mistake to not to check dow it’s spelled
Dats chrazy
Bahnhof has a data centre in Stockholm like that - lots of ex-military bunkers around.
actually good mechanical door locks can only be picked by a handful of people in the world with special tools most of whom are locksmiths
the word “picked” does a lot of heavy lifting here.
Most professional thieves won’t care about damaging your lock. It’s called “breaking” and entering for a reason.
And if your door is super reinforced better hope your wall is too
Yeah but how many people looking for a smash and grab are going to bring tools to cut through a wall instead of just going next door or through the window?
And a properly secured network can’t be compromised by some amateur thief sitting in their car. Point was that foolproof security is a fantasy.
I think the real point is that mechanical locks don’t track when you leave and enter your home like electronic ones do. Not whether they are better or worse than mechanical.
Point is reducing attack surface by not having internet connected lock 🙄
A “hacker” breaking into your house is a fantasy. If some one wants in they are….breaking….into your house. Ie breaking your door or window. Mechanical or not doesn’t make a difference. It’s all security theater. However you can know the status of internet connected locks at least.
I’m not just talking about locks. I’m talking about the concept of IoT itself.
And those locks cost hundreds a piece. A “there is a security system here” sign would do more useful work. And a locksmith will tell you that picking is what you try AFTER you just try bypassing the lock entirely. Aka shim the door or break a window. Exactly what a burglar will do if they really wanted in. You do know that your garage door can be disabled with a coathanger threaded inside and grabbing the release hook, right? Or a jack wedged under with a crowbar, right? Or your decorative gnome in the front yard thrown through a window? Locks are a deterrent.
But if my printer ever laughs at my bad jokes I’m keeping my hammer ready, just in case.
It’s not just poor security that’s easily hackable, it’s mainly the unreliability and frustration of having to continue to work when you get home to fix your dam light switch because it doesn’t work because it got out of sync when the microwave is turned on. No thanks.
Locks can be picked, but good locks require picking skills far beyond what the average break and entry will have. They can be drilled, but that’s loud and increases the odds of being caught.
A software vulnerability can be triggered silently and will look like you’re an expected guest.
They’ll likely just smash the window in the back yard though so it’s a moot point
The idea of a smart home? Fck yeah. Having it connected to some elses computer (cloud), fck no!
Having a home server only accessible by tailscale vpn, smart vacuum cleaner connected to it, not exposed to the internet, oh boy i love it!
Image Transcription: Social Media
🖖 Jochen Mader 🇪🇺
I work in IT, which is the reason our house has:
- mechanical locks
- mechanical windows
- routers using OpenWRT
- no smart home crap
- no Alexa/Google Assistant/…
- no internet connected thermostats
association-of-free-people
🤔
elpatron56
Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!
Programmers/Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.
firstdegreeliberty
Best part though?
Security technicians: *takes a deep swig of whiskey* I wish I had been born in the neolithic.
Good human
Thanks :3. I think its the first transcription I’ve done on Lemmy.
legend
I’ve had roomies that were in IT, and generally most things weren’t “smart” appliances. I think the fanciest thing they had was a plex server. We all know how insecure the IoT is.
I’ve also had non-IT roomies and yeah, they were putting up surveillance cameras and shit and being super-creepy with monitoring.
I once very, very quietly tried to wash a dish at 1am in the kitchen (and most roomies conclude I’m a ninja as I’m generally extremely quiet to anyone who isn’t hyper-aware of noises already), and my roommate charged out trying to find the water leak.
I realized later she had some sort of monitoring alert on the water heater that woke her up, and because the house was dark because I didn’t want to wake anyone up with lights so her cameras were dark too, she went into a panic instead of using her common sense. I’d accidentally evaded half her surveillance trying to be a considerate roomie while I washed something quietly in the dark and she lost her frickin’ mind.
The guy I rent a room from has an app on his garage door that alerts him every time it opens so now I have to answer for it every time I fucking do anything in the garage (which is the quickest way for me to go in and out of the house). It’s so annoying. I got home 15 minutes early the other day and had a text from him 5 minutes later asking if I got home early. Like… Yea, fuck off dude. I’m about to start going in and out via my window.
Yeah, same lady that freaked because the water heater kicked on at night also had that on her garage. She was absolutely monitoring coming and going by it.
I sometimes contemplate how easy it is for people to be stalker freaks and despair.
deleted by creator
Doesn’t make a difference. I still get the text/phone call. If I let it ring he’ll come ask me about it when he gets home. I think he just gets a rush from it because he’s got nothing interesting going on in his life and it makes him feel like he’s on top of something for once.
deleted by creator
He’s not doing it to harass me. I come and go as I please and they don’t complain. It’s literally just because of that stupid notification he gets on his phone and he fixates on it for some stupid old man reason. It’s just an annoyance I have to deal with so I’m venting on here. The rent situation is really cheap so I don’t want to rock the boat too much by complaining to them about shit they do that bothers me.
It doesn’t matter what he intends; what matters is the actual effect it has on you.
To an extent yea. But the benefits of renting from him far outweigh this one annoyance. I would be paying 500+ more every month for anyplace else I looked at. I just need to deal with it until I can save enough for a down payment on a house of my own.
Start throwing around phrases like “quiet enjoyment.”
He’s not as advanced as he thinks he is. I have the same setup for my garage but I also have a camera in the garage that shows who is in the garage.
I’m not going to give him any more ideas.
deleted by creator
You must’ve felt like Batman lol
I use Home Assistant, but none of my “smart-things” is cloud-based, so it all runs locally. Which also makes it much faster and reliable.
Nah, I have a bunch of stuff and couldn’t care less. If someone wants in my home they’ll take out a window. Nobody is zero daying their way past a lock 🤣
“im not actually too worried about my privacy and data being misused, im worried about everyone’s being misused, and that it’s being normalized”
And folks wonder why I’m in a constant state of existential dread, we all know it won’t stop there if the corpocunts have anything to say about it.
One of the most draining things about trying to look after privacy is the number of ways other people’s choices undermine that.
I don’t mean to dump on other people for those choices … usually… but it’s hard that the conveniences they take compromise the privacy that I like and that some others need more.
Fun that “crypto nerd” has changed meaning since then
Not to be confused with crypto bro.
Nobody is zero daying their way past a lock 🤣
It would be a cheap way of creating onlyfans content though.
If I found out my convulsing into my partner would make money idk do it in a heart beat 🤣
If I found out my convulsing into my partner would make money idk do it in a heart beat 🤣
Who said you’d get the money though. That fine print you always agree to would say any content from the security cameras would be owned by them.
I would easily undercut with direct to consumer via OF after I understood the true value of my cock.
And what’s the worst an internet connected thermostat could do, discomfort you to death? If someone got into my Google account past 2fa etc id have bigger worries.
For me it’s more the privacy aspect. IOT devices tend to be network weak points. Things like Alexa constantly listening. I could see myself self hosting home assistant maybe in the future but not of the things smart devices enable are really a value add for me personally.
You don’t need home devices to lose your privacy like that. Your phone’s themselves are constantly listening in.
Was talking to the wife in the car one time about buying a new pair of tennis shoes, and when I got home that evening and watched YouTube videos and such, I was getting so many tennis shoe ads it was actually quite spooky.
Oh definitely, I go to a lot of effort to try and mitigate it (graphene OS, no Facebook, social media, pihole for network wide ad blocking, simplelogin for email aliasing, no smart devices) but there’s always plenty of invasive apps/services even you’re privacy conscious.
Jesus Christ “always listing”.
No they aren’t. Not in any sense that even explained in common sense language to normal people.
They are listening to what amounts to be a key pair(s) voice imprint. That’s done at a hardware level. And despite it be career making and be worth millions nobody has reported any large scale beach of trust in many years.
The major players have an excellent track record of being secure.
The major players have an excellent track record of being secure.
Facebook doesn’t.
Found the astroturfer
Whatever you say. Still not a single person who can list consumer devices using this tech.
Whatever you say astroturfer.
But it does not look like like they are secure at all
Hey, we even have leaks… .
Tell your boss to update your script
First, the attacker needs to be within wireless proximity of the device, and listen to MAC addresses with prefixes associated with Google. After that, they can send deauth packets, to disconnect the device from the network and trigger the setup mode. In the setup mode, they request device info, and use that information to link their account to the device and - voila! - they can now spy on the device owners over the internet, and can move away from the WiFi.
Congrats, you found a single instance. It was patched via the security program. It relied on physical proximity.
Then you link another scenario where an utterly insignificant portion of users data was shared with partners.
It’s grasping at straws and both those incidents are unrelated to always on recording. None of that shit you linked is related in the least bit. It’s slippery slope bullshit you’re trying to pull.
Astroturfing 🤣🤣🤣 good lord I wish I could get paid arguing with uninformed privacy zealots.
The issue is that the thermostat can be used as a jump box into your network.
That’s when/where all the nefarious things happen.
This is why I like boarderless security, and did even before all these smart devices came around. Every device should be responsible for its own security. It meant your laptop is still protected when you’re on some random wifi network. Networks shouldn’t be built like eggs; hard on the outside, soft on the inside.
It does take more technical skill to setup, though.
Or they could just dime out the heat/AC and give you a huge energy bill. Or kill the furnace in the winter, while you’re on vacation, and let your pipes burst.
Nobody is doing that. A hacker doesn’t cause chaos just for the fun of it. They have nothing to gain by playing with your thermostat when they can spend less man-power exploiting corporations for money and data.
Really? Ok, that could be a one-off: here’s a more concrete example.
Yeah, but:
The downside, though, is that installing the ransomware, currently, requires the hackers to either have physical access to the thermostat or trick the victim into loading malicious files on the device on his own.
And if a hacker is in your home, they’re not a hacker. They’re just a burglar.
Realistically speaking who targets an individual house in the hopes of accessing something important and usable when companies lose millions of customer financial and personal information basically every month?
Nobody attacks an individual house, people exploit vulnerabilities en masse.
To do what though? People are worried about their internal network being compromised, but the average person has basically nothing worth stealing on their home network given the insane amount of work it takes to compromise it.
The fears of your internal home network being compromised are way overblown.
A main example that comes to mind is nanny cam or iot security cam ransoms for example. They don’t target specific individuals at first, they exploit a mass vulnerability, gather sensitive footage then blackmail. Another example, while not directly affecting IoT users’ lives was the Mirai botnet attack.
This implies looking at hundreds of thousands of nanny cams, for probably lots of hours before you end up with any footage thts worthy of ‘blackmail’. And I’d bet many homes would literally never have anything blackmail worthy even happen on camera. Oh no, they saw me naked!?! What am I going to do if my coworkers found out I walk around naked in my own home. I’d just tell them to take a hike and release my naked footage if they really wanted to.
It’s not just damage to your home network, it’s using that as part of botnets do do other crime. And it’s collecting data on you for sleazy purposes, that then gets leaked (sometimes) to those who want to use it for crime.
the insane amount of work it takes to compromise it.
Really?
The great thing about software is once you develop an insane trick to get into one child’s internet-connected doll (oh yes, there’s that too) you can roll it out to try ten million dolls across the world.
I think that example is probably the most serious one. If you live in regions that go to -40c you most definitely don’t want your thermostat to just stop heating the house.
At the same time, it’s nice to be able to check what temperature it’s at while you’re away. I have a zwave thermostat myself, gives “smartness” without the reliance on someone else’s computer.
Whats -40c I only know freedom units. Im guessing its -20f
Believe it or not, it’s also -40f :D for once we’re all happy.
Coincidentally -40c is also -40f
Pretty extreme example, and im sure you would manually intervene at that point
Sure it’s definitely an extreme example for the sake of argument but it’s one with potentially severe consequences (what if it happens while everyone is sleeping, or while all humans are away with only pets in the house, etc etc).
It’s happened before too: https://news.sophos.com/en-us/2016/01/18/nest-smart-thermostat-glitch-leaves-cold-feet-and-steaming-mad-customers/
And what’s the worst an internet connected thermostat could do
Raise your AC and or Heating bills?
Without you noticing though?
Without you noticing though?
They’d time it for when you are on vacation.
These iot software are usually minimum viable products with weak security. A zero day for them is fast simpler than trying to get a zero day in windows.
For example, I had a friend that worked at one of these companies, that recently lost a lot of money, and while he was there they had their master keys in the git repo on GitHub. At this point they were well past a billion dollar valuation.
I work in IT which is the reason: I self-host my smart home crap with strict firewall between it and my home assistant server.
And by strict firewall they mean a Faraday cage around the entire house
Find out this one simple tech tip that the copper industry loves and homebuilders hate!
nice try ea-nasir
I like that my dishwasher tells me when it’s done via app, and I can’t live without my robot vacuum cleaner.
Still, they’re on a separate vlan so if they get infected, the malware will look around like the John Travolta meme.
You know what they say, the S in IoT stands for Security!
I’m an IT professional, specifically in infosec, and it’s silly to go to those extremes. I have tons of smart home devices, and they’re all perfectly secure since I run Home Assistant and block them from the internet with a firewall.