What do you guys think of the idea of smart homes? I could make a basic setup using https://home-assistant.io to control my home temperature and lighting; the tools for doing this are everywhere nowadays and implementation doesn’t seem too horrific anymore.
But setting aside what I “can” do, is this something that I “should” do? How can a person implement this without connecting any devices to the internet?
I have always been pretty anti-smart homes. But it’s scope crept up on me. Often I wanted more manual automation. Christmas lights were on a light sensor timer power strip, lights going to the garage etc are on old school motion sensors so we didn’t trip.
-
The one thing I did do was a thermostat, specifically a Honeywell. It was nice for scheduling and remotely cooling the house when on returning from vacation (or shutting it off if I forgot.)
-
Then I got a wifi window ac for my office.
-
Then I added some wifi mouse traps to prevent me from having to crawl under the house to check them.
-
Then someone gave us a Weber iGrill sensor that was a pain to swap between phones.
Next thing I knew I had 5-6 apps. So I setup homeassistant to consolidate it. The Weber iGrill was the hardest but I had a pi in the kitchen running a calendar so I took a wekend and got it working in homeassitsnt.
Since then I have added some tplink kasa plugs and switches. The plugs are for Christmas lights this year. And one in the kitchen that we can plug a crock pot etc into and remotely start it while at work. The switches work just like a dumb one too. And are all locally controlled.
Finally I got a robot vac which is nice.
I still don’t have Alexa etc or cameras or mics in the house. And anything I do add needs to be only smart as a value add. IE: it should function as normal even without internet.
But yeah. I guess I have a smart home now.
My advice on HomeAssistsnt is make sure you products are supported if you go that route. Stay local only whenver possible. But it is nice. One app controls all. Again for me they all must function as a dumb device as well.
I’ve gone the same route. HA is amazing, but also a rabbit hole.
The family likes eg the motion enabled lights and the thermostats to control the heating in their rooms. I share your opinion that it must bring benefit.
Is a robot vac worth it? I’m worried that our young cat will destroy it, or that I have to empty it daily.
So I got the expensive model.
Well realistically I got a cheap ass one on an amazon fire sale to see if my wife would like it. She did and was spending time building barriers with shoes and shit to get it to vacuum one area. So THEN I got the super expensive one, specifically a Roborock s7 max v.
We don’t really vacuum anymore. Just use that. It’s pretty good about avoiding most obstacles but isn’t perfect. Nerf darts and kids markers are it’s Achilles heal. It also sucks on shag/thick rugs.
I empty the dust bin here and there. Same with water. But it is quite easy to take apart and clean up, both the vacuum and the station itself. Probably one of the better value adds we have had to be honest.
Awesome thanks for the tips!
-
In theory it’s awesome, but in practice it’s a Black Hat heaven
Harmful, the internet of things in general is.
You don’t need stuff that is 100% in a bot net caus its completely unsecured.
Great advice by Yoda!
An absolute nightmare for security and privacy. Just say no.
Not necessarily. If you use eg zigbee devices, they are only accessible locally.
But you’re right. Most smart devices connect to the cloud.
Buddy of mine moved into a new apartment and they have a couple of “smart features”: Temp, blinds, lights. No cameras (except the front door) or other fancy stuff.
However the apartment can be reached from any browser with a hash. So if you know the hash, you can easily access his apartment controls. No password, 2FA or anything necessary to identify him.
When he told me I was looking at him with wide eyes and he just laughed and said “Yeah, I know.”.
Soo…what’s the hash?
It’s convenient but it’s less secure and less reliable. Imagine being locked out of your house because the Internet is down.
The only smart objects I have are some light bulbs. I think, some processes are good to automate and put software in control of, and some things I want to have explicit control over (I.E. Door locks, Safe locks, AC settings, Heating). Technology can break in fantastical ways, but a lock should just freaking work.
As someone who has spent many years working on my smart home, I suggest, as do others, KEEP IT LOCAL.
Using home assistant since 2017. As you add stuff there’s more synergy, like a network effect. I have automations and services that:
-
Adjust the bathroom floor thermostat according to the prevailing hourly energy price
-
Adjust the colour temperature of lighting during the day so blue light is reduced in the evening, allowing natural melatonin production to function
-
Announce on a local speaker when our child gets to school in the morning using their phone location
-
Operates festive lighting in the winter with reference to sunset and sunrise
-
Turns off all lights when leaving; or sometimes if I’m feeling more paranoid
-
Replays lighting patterns from a previous week to simulate* occupation
-
Sends me an alert if motion is detected and nobody’s home
-
Turns off the picture on the TV if nobody’s in front of it for a while using a 60GHz radar sensor
as well as a few other things. I don’t want a smart home that’s just remote operation with a phone. I want to use capabilities to automate things so I don’t need to be concerned about them.
-
Smart homes sound good in concept and I’d love to have one if there weren’t so many risks. But an entire home that can be controlled via computers just sounds like an opsec nightmare. Obviously there’s the plus that your average technologically illiterate granny isn’t going to be using these so it will most likely have strong security systems. But hackers love a challenge.
And a whole neighborhood? A systemwide attack could happen disrupting entire swaths of a city’s residential zone. Imagine showers suddenly spraying boiling water, targeted attacks on epileptic individuals with flashing lights, temperatures dropping to below freezing or up to dangerous levels of heat or lightbulbs overloading sending broken glass everywhere, speakers bursting eardrums.
Not to mention more subtle dangers of such voice activation systems being accessed by malicious actors, or more likely, corporate concerns. Someone gangstalked or targeted by powerful people who could just court order one of these smart home companies to hand over the data and they probably will without fuss.
The attack surface of a single electronic device is massive, with dozens of different apps and services, each with different system vulnerabilities to exploit that’s already hard enough. But just imagine the attack surface of an entire home! Everything from the LG Flatscreen in your living room, to the temperature control systems, to your Apple Smart Toaster can be hacked to gain access to the rest of the system. If any one of those isn’t completely secure (which of course is a pipe dream) then it could be the gateway to a smart home hacking story on a Defcon panel.
And finally, what’s stopping the company from just updating the software for your smart home and paylocking features like “Uh yeah, you need to pay 12.99$ a month to have your cctv cameras work.” And because all the framework that runs the systems is being hosted in proprietary servers, you can’t do shit. And you can’t host your own servers either. Does this sound familiar because it should?
I’ve been using smarthome stuff for quite a while now, and my conclusion is this:
- You absolutely have to stay local. Home Assistant is the only software I know that can pull that off at the moment, but never ever use commercial devices that have to talk to their servers. Once the servers are down or your internet connection is down, those devices are just bricks, and you don’t want that at home.
- The setup is only really usable by the person who set it up. If you’re living alone that’s fine, but anybody else will have a hard time tapping in your secret code to turn on the lights. All trained behavior like pushing a light switch to turn the lights on and off are violated in a smart home, even if it’s just because the delay between pushing the button and the lights going on is increased by 100ms.
- You have to monitor battery levels of sensors and replace them to keep the system working. There are dozens of coin cells in your home, they are going to run out eventually (after a few months).
- Have a fallback mechanism when the network goes down. It’s not great when you can’t turn on the lights to check why the WiFi router isn’t responding.
All trained behavior like pushing a light switch to turn the lights on and off are violated in a smart home, even if it’s just because the delay between pushing the button and the lights going on is increased by 100ms.
This is only true if you’re controlling bulbs instead of switches. Virtually all of my lights are on z-wave switches that work almost exactly the same as regular switches, the only difference being that the switch paddle doesn’t stick in an on or off position. Smart control is strictly in addition to the primary control.
Completely agreed on your other points, though. Absolutely no chance I’d use anything other that a local Home Assistant server that handles all processing locally.
I’ve installed an Aqara wall switch in a public room, and people are complaining that it doesn’t feel as well as a regular light switch. It’s really hard to get it right.
Yeah, unfortunately there’s not much that can be done there, at least not without adding little motors to the switch so it can match state with whatever it’s controlling. My experience has been that there’s an adjustment period, but eventually it’s not a big deal. Sort of like switching to paddle switches from toggle switches; at first it’s different, and people don’t like different when it comes to things they don’t think about, like light switches. But eventually the new thing becomes normal, and it’s not a problem anymore.
That said, the z-wave toggle switches are garbage, it’s much easier to adjust to paddles.
Smarthome well done is good and I think it will be necessary to tackle some challenges of the future - we need smart solutions to use ressources much more efficiently.
But: 85% of all smart home products are neither smart nor good. They are glorified remote controls. Nothing more.
AMAZON ALEXA IS NOT A SMART HOME PRODUCT.
A smart house doesn’t need you to use your phone/voice/etc. to turn down the blinds or switch on a light. It knows when the blinds need to be where depending on your location, the weather (blind based cooling in summer, heating in winter), the time, etc. It inherently doesn’t need a internet connection to control itself - it only does need the internet to expand its knowledge of the outside world,e.g. by getting disaster alerts, weather forecasts or off-site-location. When done this way there isn’t much “hacking” that can be done. There aren’t many components that can turn into botnets.
This is all possible for ages and it is all easily achieved - KNX and other systems are good examples. Matter can possibly achieve that. But currently it’s the big hype to call everything that can be voice controlled smart.
For fucks sake. It takes me longer to say “Alexa turn on the living room lights” than to do it myself or use a Clapping sensor from the 80ies.
Yeah no. As a former IT guy the last thing I want is be tech support for my family’s light switch