Comment by jqpabc123
5 days ago
The ultimate long term solution --- refuse to buy any home product that defies local control.
If a wifi password is required to make full use of the device, I will return it.
If some users want to sacrifice security and privacy for "convenience", that's on them. But if you want to sell me the product, at least provide the option to decline without loss of functionality. Otherwise, no sale.
As an example, I refuse to buy a doorbell camera that doesn't support RTSP.
> As an example, I refuse to buy a doorbell camera that doesn't support RTSP.
This is a good example of conflicting security requirements.
Not wanting the video to go to the cloud is fine, but most cameras with RTSP enabled allow any other device on the network to trivially get the camera stream, and sometimes also control the camera. This is why some camera companies require you jump through hoops to unlock RTSP - I don't like it but I can see why they do it.
This is one reason I've come to believe it's necessary that every device must see a totally different network universe from every other, able only to see the local controller server. (This is how I ended up playing with on AP video relays in my profile, as an effort to see what's involved). Things like multicast discovery is cool, but an absolute privacy and security disaster area.
but most cameras with RTSP enabled allow any other device on the network to trivially get the camera stream, and sometimes also control the camera.
Not a real concern when the network is fully under my control. I can easily restrict access as I see fit.
I surrender all control when I give up my wifi password and allow similar access to somebody's network located somewhere on the internet. Further access can be (and has been) granted to others without user knowledge or consent. For example:
https://arstechnica.com/tech-policy/2022/07/amazon-finally-a...
You can - but will you? And you are in the tiny minority of people who understand what that even means. The vast majority of humans have better things to do with their life than figure out how to secure their personal network. (I'm not saying they are too stupid to figure out how - just that they have better things to do with their time)
9 replies →
One overlooked variable here is that price is a huge consideration factor into IoT acceptance. Convenience is one thing, but having to pay 10x more is another.
China(up to now, now with tariffs stuff... who knows) has been exceptional in that they produced IoT devices for many use cases at very reasonnable prices. Want a water leak detector that's zigbee connected? that's only 5 bucks. if I want to buy one from a "western" company(still produced in china) it instantly gets marketed to a premium market and costs 10x or 20x more.
They have no incentive to make their products work in pure local when companies like Tuya provide SDKs, chips, and frameworks at a low price and easy entry barrier. But of course that locks into their ecosystem.
It's possible that a company making an open toolkit with easy integration for esp32/etc could gain enough traction to get many devices to use that, but at this point it's unlikely.
As for HA... I love it and run it locally, but it's not for the faint of heart. And spending dozens of hours modifying devices and configuration to get everything running is a priviledge few have the skills, time and knowledge to do.
As always... this is a case of "the only incentive is money and hence the system will lock itself".
Wouldn't it be great if the EU could force these companies to surrender local control?
Basically full local home assistant support or I'm not buying. Some products start to have badge on the box.
> If a wifi password is required to make full use of the device, I will return it.
This is one of my favourite uses of OpenWRT, or any other firmware that gives you proper control over the router - for WiFi-networked IoT devices, I set up a separate wireless network with no WAN/LAN access and client isolation. I can connect to the device, but it can't connect to WAN, any other devices on the IoT network, or my LAN.
Of course this won't work for cloud-tethered devices, but many will expose their functionality directly over network.
I've been doing this for years, but it's hard work trying to get information on how bad these devices could spy on you - before you buy them
I just guess now and make sure the company has a good returns policy
For the most part I just stick to zigbee devices and I can be sure they're fully under my local control because their only gateway to the network is the zigbee modem attached to my Raspberry Pi running Home Assistant. Sometimes requires messing with some quirks to get the full functionality I need out of them, but the community is pretty good about supporting most devices out of the box.
it's hard work trying to get information on how bad these devices could spy on you
The orange flag is when setup requests my wifi password.
But the big red flag for me is when configuration fails without unfettered WAN access. In this case, the product goes back in the box. If you allow this, you allow anything. Someone else effectively owns the device.
An easy test for this --- simply unplug your network from the WAN modem and see what happens.
Can you tell me which one you arrived on in your research? I would like a local controlled doorbell camera
Amcrest. See my post below (or above).
Not OP, but I ended up with Reolink.
> If a wifi password is required to make full use of the device, I will return it.
By that logic, you will not buy any "smart" devices
A camera doorbell, in your example, need wifi password so that it can stream video.
A smart lightbuld need wifi connection to change brightness or color.
Without wifi connection, it will lose a part of functionality
Philips Hue and many other similar smart light bulbs connects to my zigbee network with no Wi-Fi needed. It's remarkably simple to control them from Home Assistant, which I can run on a fully isolated home network. When my Internet gave out for two weeks (the perils of living in a forest) lots of stuff became inconvenient, but my smart light bulbs continued to work perfectly.
The point is not wifi. Wifi is just a protocol, like zigbee, or lora, etc.
Giving something wifi password is different from giving something internet access, they are not inclusive. You just add it to your local network without giving it internet access
In your case, does your smart bulb still have same functionality if you dont add it to your zigbee network ?
There are camera doorbells with PoE.
Thinking that through with PoE and Ethernet. Outside of MAC address white listing, how does one protect one's local Internet from being jacked in from the doorbell, externally?
1 reply →
So wrong.
There are protocols like zwave, zigbee, and possibly others that not only not need wifi passwords, they don't even need an IP address.
That's simply not true.
There are plenty of smart devices (including lighbulbs, sensor movements, and what not)t hat use bluetooh, or protocols like Zigbee that enable all kind of functionality without wifi password.
I believe he meant connectinon to the cloud of service provider.