1346
Smart home (lemmy.world)
you are viewing a single comment's thread
view the rest of the comments
[-] pearsaltchocolatebar@discuss.online 176 points 2 months ago

Tech worker here. My house is largely smart, but it's all controlled by a local server.

[-] borari@lemmy.dbzer0.com 140 points 2 months ago

Cybersecurity tech worker here, and same. Even with the local server though, the one smart thing that I absolutely don’t fucks with is exterior door locks. I got one that does PIN entry, but absolutely no wireless or Bluetooth or anything. Other than that let’s fucking go it’s 2024 I can’t be bothered to open my window shades with my hands like I’m living in the 1800s on a farm in the fucking prairie or some shit. They open on a schedule, synced at a slightly earlier offset to my wake up alarm.

[-] ThePantser@lemmy.world 42 points 2 months ago

Eh if they are savvy enough to unlock my door they are smart enough to break my window. Also if they can unlock my door I still have zwave open/close sensors that will trigger the alarm so I will take the convince of smart locks over non smart any day. I can keep the wandering bums out but remotely let family members in without having to give out my code or keys.

[-] borari@lemmy.dbzer0.com 12 points 2 months ago

That’s fair. I can store like 20 codes or something, so I just keep one extra in there then rotate it after whoever I had to give it to is done with needing it.

I live on a really busy street in a city, so I’m really not worried about someone breaking a window to get inside. Sure there’s a nonzero chance a methie might smash a window, but around here it’s mostly just testing car door handles and maybe smashing the car window if there’s a visible wallet or pill bottle or something.

Walking up to my door and doing a replay attack, or sending a master password to the lock takes seconds and doesn’t look any more suspicious than a resident entering the house. This talk is from 2016, but I doubt things have gotten significantly better, and I don’t want to be replacing my door lock, or even worrying about updating firmware, whenever something like this is found (Picking BLE Locks - Anthony Rose & Ben Ramsey).

But yeah, I’m not saying anyone’s an idiot for using a smart lock or anything, odds are it will never matter either way.

[-] mosiacmango@lemm.ee 7 points 2 months ago* (last edited 2 months ago)

There are a lot of zwave s2 locks out there. No Bluetooth at all.

128-bit AES isn't amazing, but it's more solid than bluetooth and most hardware locks.

Most locks, including deadbolts, can be picked or bumped in seconds. The physical lock is the weakest point. You can get zwave s2 smart locks with just pin pads, no physical key. That's probably the most secure option.

[-] borari@lemmy.dbzer0.com 4 points 2 months ago

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

CVE-2020-9060 Z-Wave devices based on Silicon Labs 500 series chipsets using S2 are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

Oof. Could you imagine having a vindictive neighbor who is mad at you over some dumb shit you have no idea about, then then DoS’ing your lock that has no physical key?

Again probably as close to zero as a non zero chance can be of actually happening, but idk just give me a key and some buttons for when I have bags and shit.

Also, if i decided to go in to home invasions I’d rather just carry around a phone or a raspberry pi or something and pop smart locks than carry around a snap gun.

Everything you’re saying is right though, there’s always a trade off when it comes to security.

[-] Malfeasant@lemm.ee 3 points 2 months ago

Lock picking takes skill. I've defeated a deadbolt and doorknob with a cordless drill in ~15 seconds. And it's not even all that loud.

[-] ThePantser@lemmy.world 4 points 2 months ago

Always have a backup trigger. A open/close sensor is hard to beat. They would have to know where it is and have access to it to bypass it. And for good measure a shock sensor to know if someone is trying to break it down.

[-] ayyy@sh.itjust.works 22 points 2 months ago

Dream: I will slowly wake up to gently increasing morning sun

Reality: my alarm clock sound is now just the buzzing and whirring of a motor that is starting to open my blinds. Just as I fall back asleep the whirring noise starts again to increase the light level.

[-] borari@lemmy.dbzer0.com 8 points 2 months ago

Yo do you write for Black Mirror?

[-] pearsaltchocolatebar@discuss.online 11 points 2 months ago

I wish someone made a smart door lock status indicator. I don't want my doors to unlock for me; I just want to know if I remembered to lock them.

[-] borari@lemmy.dbzer0.com 10 points 2 months ago

Like you want to have a dumb lock but a smart sensor that tells you if the deadbolt is locked or open?

I remember reading some blog somewhere about a person who rigged up a sensor to alert them if their mailbox had been opened or not, you could probably design something to do similar. Idk maybe a magnetic thing to detect the bolt itself, or something to detect on the position of the latch on the interior of the door?

Found this after a quick search, sorry for it being Reddit and the video of the working solution being uploaded to gfycat.

Dumb Deadbolt Lock Detection - Reddit

It wouldn't be hard to do if I got a hall sensor, I just didn't want to have to mess with 3D modeling and printing a housing for it.

[-] desktop_user@lemmy.blahaj.zone 1 points 2 months ago

I wonder if contact strips could be glued to the sides of the thing the deadbolt goes into?

That's definitely one way to approach it. You wouldn't have to attach something to the door that way, but you'd have to mess with wires external to the device.

[-] Damage@feddit.it 3 points 2 months ago

The ones I saw from Cisa, aside from reporting the status, could automatically lock every time you closed them

[-] 4am@lemm.ee 2 points 2 months ago

HomeAssistant can do this. Set an automation when you leave your home zone, if door is unlocked notify you.

If you have a smart lock, you can even close it. You should get cameras and an alarm system first, though.

[-] ayyy@sh.itjust.works 2 points 2 months ago

if door is unlocked notify you.

How do you detect this condition without a motorized smart lock?

Hall sensor or a switch that gets pressed when the lock is locked.

[-] ayyy@sh.itjust.works 1 points 2 months ago

How did you integrate this into your door reliably without interfering with the regular lock mechanism?

You could position the sensor/switch on one of the cardinal directions so it wouldn't be in the way of the mechanism.

[-] ayyy@sh.itjust.works 1 points 2 months ago

Mind sharing a photo of how you did this?

I haven't actually done this, I was just brainstorming. It shouldn't be too hard of a project, though. The easiest would just be an esp32 chip, limit switch, and small battery and power circuit.

You position the switch were the deadbolt latch hits it in the open or closed position (I'd do open personally). Using esphome with homeassistant would make programming it a breeze.

You'd need to figure out a housing, which is why I wish there was an off the shelf product. I might design one eventually, but it shouldn't be a huge lift for anyone who is familiar with 3d modeling.

[-] Ccninja86@lemmy.world 6 points 2 months ago* (last edited 2 months ago)

Yep fully agree on the exterior door locks. That is the one thing that should never be connected to anything even local servers. Also have to be careful with electronic locks in general. Some brands are terribly designed and can be bypassed in a stupidly easy way.

I'm more of a middle-ground person myself. I have Home Assistant fully self-hosted and using a secure cloudflare tunnel for external access. A few other self-hosted containers running other various things. Anything exposed to the internet requires a login. I always try to find stuff that integrates with HA, but I don't go to the full length of finding stuff that doesn't require the brand app to setup. I like the local control stuff if I can get it, because it usually works a lot better, but I won't actively avoid every brand that connects to a cloud somewhere because that's too much effort to avoid for me.

[-] Telorand@reddthat.com 6 points 2 months ago

Shades? A real tech enthusiast uses PDLC Film!

(Seriously, I wish I could afford some for all my windows.)

[-] borari@lemmy.dbzer0.com 6 points 2 months ago

Shit. I am a fossil.

Build your own! All you need is an esp32 or pi pico, stepper motor, and driver.

That's next on my list of projects after I finish my smart microchip keyed pet feeding stalls.

[-] Damage@feddit.it 4 points 2 months ago* (last edited 2 months ago)

I'm not sure the build-it-yourself route is the cheaper one compared to just buying a ZigBee smart opener

[-] borari@lemmy.dbzer0.com 2 points 2 months ago

I think they’re saying they wish they could afford PDLC film for all their windows. If you can DIY PDLC film you probably have a 3D printer the size of a tractor trailer and are 3D printing yourself a new house or something just for for the fuck of it in the backyard of your estate.

[-] Damage@feddit.it 1 points 2 months ago

@pearsaltchocolatebar@discuss.online was talking about stepper motors and microcontrollers, those are for motorizing a shade

[-] borari@lemmy.dbzer0.com 1 points 2 months ago* (last edited 2 months ago)

Unless my client is fucking up and putting their post as a reply to the wrong comment (which is a real possibility), they replied to Telorand who was talking about PDLC film.

Yeah, I misread the comment.

[-] Blue_Morpho@lemmy.world 5 points 2 months ago

I really hate that the automated shades I needed (must be plug in because they're 18' off the floor) are so proprietary that it's not even wifi.

[-] Damage@feddit.it 3 points 2 months ago

Here in Italy shutter covers are common, I have those and awnings, both can be connected to any sort of smart 2-way switch. I use BTicino for the shutters and Shelly 2PMs for the awnings

[-] mosiacmango@lemm.ee 2 points 2 months ago* (last edited 2 months ago)

There are Somfry blind controllers with small solar panels that face outwards on the motor housing. No plug required.

[-] sugar_in_your_tea@sh.itjust.works 2 points 2 months ago

I would assume those would be zigbee or z-wave or something. What does it use?

[-] 4am@lemm.ee 5 points 2 months ago

In the US, 95% of “smart” tech wants WiFi connection to a proprietary cloud and they will make breaking API changes and/or ban users for using 3rd party clients. Only phone apps with permission to see your contacts allowed!

That being said, you can usually find products that will work locally but it’s really difficult, and big-box stores almost never have anything Zigbee/Z-wave or even Matter enabled. It’s bleak.

[-] sugar_in_your_tea@sh.itjust.works 7 points 2 months ago

Ew. Blinds really should be line of sight IMO. I don't want anything related to my physical privacy living in the cloud (and that goes double for you, Ring).

[-] mosiacmango@lemm.ee 1 points 2 months ago* (last edited 2 months ago)

Ikea sells ZigBee blinds that connect right up to any home automation hub. Pretty cheap too, in the $100-200 range for most windows.

I'm using several. Batteries are solid. I get a good 3 months with daily opening/closing. I only wish they had solar modules you could add in, but the battery tray design makes that unlikely.

[-] Blue_Morpho@lemmy.world 2 points 2 months ago

It's not zigbee or anything anyone else uses. Someone spent a little time with a software defined radio to decode some of the signal.

[-] sugar_in_your_tea@sh.itjust.works 2 points 2 months ago

Ew, that's awful.

[-] borari@lemmy.dbzer0.com 2 points 2 months ago

Damn that sucks. I lived in an apartment and wound up rigging up an arduino to pull the chain on these three massive window shades in my apartment, they were seriously like 20 foot tall windows. This was back in 2015 or so, so I didn’t even bother trying to find anything off the shelf.

I love your username btw.

[-] tiramichu@lemm.ee 22 points 2 months ago

Yep.

I love tech, as long as it's tech that I have full control over.

[-] Damage@feddit.it 8 points 2 months ago

Home Assistant is the antithesis to this meme

[-] EtherWhack@lemmy.world 2 points 2 months ago

There's a difference between recognizing the risks of "smart" tech and knowing the futility of avoiding it -or- even better having the skill to mitigate as much risk as possible.

this post was submitted on 23 Sep 2024
1346 points (97.2% liked)

People Twitter

5377 readers
1002 users here now

People tweeting stuff. We allow tweets from anyone.

RULES:

  1. Mark NSFW content.
  2. No doxxing people.
  3. Must be a tweet or similar
  4. No bullying or international politcs
  5. Be excellent to each other.
  6. Provide an archived link to the tweet (or similar) being shown if it's a major figure or a politician.

founded 2 years ago
MODERATORS