What do you guys think of the idea of smart homes? I could make a basic setup using https://home-assistant.io to control my home temperature and lighting; the tools for doing this are everywhere nowadays and implementation doesn’t seem too horrific anymore.

But setting aside what I “can” do, is this something that I “should” do? How can a person implement this without connecting any devices to the internet?

  • Hyperi0n@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Smart homes sound good in concept and I’d love to have one if there weren’t so many risks. But an entire home that can be controlled via computers just sounds like an opsec nightmare. Obviously there’s the plus that your average technologically illiterate granny isn’t going to be using these so it will most likely have strong security systems. But hackers love a challenge.

    And a whole neighborhood? A systemwide attack could happen disrupting entire swaths of a city’s residential zone. Imagine showers suddenly spraying boiling water, targeted attacks on epileptic individuals with flashing lights, temperatures dropping to below freezing or up to dangerous levels of heat or lightbulbs overloading sending broken glass everywhere, speakers bursting eardrums.

    Not to mention more subtle dangers of such voice activation systems being accessed by malicious actors, or more likely, corporate concerns. Someone gangstalked or targeted by powerful people who could just court order one of these smart home companies to hand over the data and they probably will without fuss.

    The attack surface of a single electronic device is massive, with dozens of different apps and services, each with different system vulnerabilities to exploit that’s already hard enough. But just imagine the attack surface of an entire home! Everything from the LG Flatscreen in your living room, to the temperature control systems, to your Apple Smart Toaster can be hacked to gain access to the rest of the system. If any one of those isn’t completely secure (which of course is a pipe dream) then it could be the gateway to a smart home hacking story on a Defcon panel.

    And finally, what’s stopping the company from just updating the software for your smart home and paylocking features like “Uh yeah, you need to pay 12.99$ a month to have your cctv cameras work.” And because all the framework that runs the systems is being hosted in proprietary servers, you can’t do shit. And you can’t host your own servers either. Does this sound familiar because it should?

    • Hexarei@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      To be fair, many of those problems are things you can mitigate by picking the right vendor and staying away from anything that needs to phone home or use the internet

      What’s stopping the company from just updating the software

      The fact that I buy zwave stuff designed never to connects to the internet

      And you can’t host your own servers either

      Home Assistant says otherwise

      • Hyperi0n@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Okay that’s fair, you bring up good points. I’m actually glad there are counter to my points. Thanks 👍.