• borari@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      135
      arrow-down
      1
      ·
      3 months ago

      Cybersecurity tech worker here, and same. Even with the local server though, the one smart thing that I absolutely don’t fucks with is exterior door locks. I got one that does PIN entry, but absolutely no wireless or Bluetooth or anything. Other than that let’s fucking go it’s 2024 I can’t be bothered to open my window shades with my hands like I’m living in the 1800s on a farm in the fucking prairie or some shit. They open on a schedule, synced at a slightly earlier offset to my wake up alarm.

      • The Pantser@lemmy.world
        link
        fedilink
        arrow-up
        41
        ·
        3 months ago

        Eh if they are savvy enough to unlock my door they are smart enough to break my window. Also if they can unlock my door I still have zwave open/close sensors that will trigger the alarm so I will take the convince of smart locks over non smart any day. I can keep the wandering bums out but remotely let family members in without having to give out my code or keys.

        • borari@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          10
          ·
          3 months ago

          That’s fair. I can store like 20 codes or something, so I just keep one extra in there then rotate it after whoever I had to give it to is done with needing it.

          I live on a really busy street in a city, so I’m really not worried about someone breaking a window to get inside. Sure there’s a nonzero chance a methie might smash a window, but around here it’s mostly just testing car door handles and maybe smashing the car window if there’s a visible wallet or pill bottle or something.

          Walking up to my door and doing a replay attack, or sending a master password to the lock takes seconds and doesn’t look any more suspicious than a resident entering the house. This talk is from 2016, but I doubt things have gotten significantly better, and I don’t want to be replacing my door lock, or even worrying about updating firmware, whenever something like this is found (Picking BLE Locks - Anthony Rose & Ben Ramsey).

          But yeah, I’m not saying anyone’s an idiot for using a smart lock or anything, odds are it will never matter either way.

          • mosiacmango@lemm.ee
            link
            fedilink
            arrow-up
            6
            ·
            edit-2
            3 months ago

            There are a lot of zwave s2 locks out there. No Bluetooth at all.

            128-bit AES isn’t amazing, but it’s more solid than bluetooth and most hardware locks.

            Most locks, including deadbolts, can be picked or bumped in seconds. The physical lock is the weakest point. You can get zwave s2 smart locks with just pin pads, no physical key. That’s probably the most secure option.

            • Malfeasant@lemm.ee
              link
              fedilink
              arrow-up
              3
              ·
              3 months ago

              Lock picking takes skill. I’ve defeated a deadbolt and doorknob with a cordless drill in ~15 seconds. And it’s not even all that loud.

            • borari@lemmy.dbzer0.com
              link
              fedilink
              arrow-up
              3
              ·
              3 months ago

              Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

              CVE-2020-9060 Z-Wave devices based on Silicon Labs 500 series chipsets using S2 are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

              Oof. Could you imagine having a vindictive neighbor who is mad at you over some dumb shit you have no idea about, then then DoS’ing your lock that has no physical key?

              Again probably as close to zero as a non zero chance can be of actually happening, but idk just give me a key and some buttons for when I have bags and shit.

              Also, if i decided to go in to home invasions I’d rather just carry around a phone or a raspberry pi or something and pop smart locks than carry around a snap gun.

              Everything you’re saying is right though, there’s always a trade off when it comes to security.

          • The Pantser@lemmy.world
            link
            fedilink
            arrow-up
            3
            ·
            3 months ago

            Always have a backup trigger. A open/close sensor is hard to beat. They would have to know where it is and have access to it to bypass it. And for good measure a shock sensor to know if someone is trying to break it down.

      • ayyy@sh.itjust.works
        link
        fedilink
        arrow-up
        21
        ·
        3 months ago

        Dream: I will slowly wake up to gently increasing morning sun

        Reality: my alarm clock sound is now just the buzzing and whirring of a motor that is starting to open my blinds. Just as I fall back asleep the whirring noise starts again to increase the light level.

        • borari@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          9
          ·
          3 months ago

          Like you want to have a dumb lock but a smart sensor that tells you if the deadbolt is locked or open?

          I remember reading some blog somewhere about a person who rigged up a sensor to alert them if their mailbox had been opened or not, you could probably design something to do similar. Idk maybe a magnetic thing to detect the bolt itself, or something to detect on the position of the latch on the interior of the door?

          Found this after a quick search, sorry for it being Reddit and the video of the working solution being uploaded to gfycat.

          Dumb Deadbolt Lock Detection - Reddit

        • Damage@feddit.it
          link
          fedilink
          arrow-up
          3
          ·
          3 months ago

          The ones I saw from Cisa, aside from reporting the status, could automatically lock every time you closed them

        • 4am@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          3 months ago

          HomeAssistant can do this. Set an automation when you leave your home zone, if door is unlocked notify you.

          If you have a smart lock, you can even close it. You should get cameras and an alarm system first, though.

      • Telorand@reddthat.com
        link
        fedilink
        arrow-up
        6
        ·
        3 months ago

        Shades? A real tech enthusiast uses PDLC Film!

        (Seriously, I wish I could afford some for all my windows.)

        • pearsaltchocolatebar@discuss.online
          link
          fedilink
          arrow-up
          5
          ·
          3 months ago

          Build your own! All you need is an esp32 or pi pico, stepper motor, and driver.

          That’s next on my list of projects after I finish my smart microchip keyed pet feeding stalls.

          • Damage@feddit.it
            link
            fedilink
            arrow-up
            3
            ·
            edit-2
            3 months ago

            I’m not sure the build-it-yourself route is the cheaper one compared to just buying a ZigBee smart opener

            • borari@lemmy.dbzer0.com
              link
              fedilink
              arrow-up
              1
              ·
              3 months ago

              I think they’re saying they wish they could afford PDLC film for all their windows. If you can DIY PDLC film you probably have a 3D printer the size of a tractor trailer and are 3D printing yourself a new house or something just for for the fuck of it in the backyard of your estate.

              • Damage@feddit.it
                link
                fedilink
                arrow-up
                1
                ·
                3 months ago

                @pearsaltchocolatebar@discuss.online was talking about stepper motors and microcontrollers, those are for motorizing a shade

                • borari@lemmy.dbzer0.com
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  edit-2
                  3 months ago

                  Unless my client is fucking up and putting their post as a reply to the wrong comment (which is a real possibility), they replied to Telorand who was talking about PDLC film.

      • Blue_Morpho@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        3 months ago

        I really hate that the automated shades I needed (must be plug in because they’re 18’ off the floor) are so proprietary that it’s not even wifi.

        • Damage@feddit.it
          link
          fedilink
          arrow-up
          3
          ·
          3 months ago

          Here in Italy shutter covers are common, I have those and awnings, both can be connected to any sort of smart 2-way switch. I use BTicino for the shutters and Shelly 2PMs for the awnings

        • borari@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          2
          ·
          3 months ago

          Damn that sucks. I lived in an apartment and wound up rigging up an arduino to pull the chain on these three massive window shades in my apartment, they were seriously like 20 foot tall windows. This was back in 2015 or so, so I didn’t even bother trying to find anything off the shelf.

          I love your username btw.

          • 4am@lemm.ee
            link
            fedilink
            arrow-up
            4
            ·
            3 months ago

            In the US, 95% of “smart” tech wants WiFi connection to a proprietary cloud and they will make breaking API changes and/or ban users for using 3rd party clients. Only phone apps with permission to see your contacts allowed!

            That being said, you can usually find products that will work locally but it’s really difficult, and big-box stores almost never have anything Zigbee/Z-wave or even Matter enabled. It’s bleak.

            • sugar_in_your_tea@sh.itjust.works
              link
              fedilink
              arrow-up
              6
              ·
              3 months ago

              Ew. Blinds really should be line of sight IMO. I don’t want anything related to my physical privacy living in the cloud (and that goes double for you, Ring).

            • mosiacmango@lemm.ee
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              3 months ago

              Ikea sells ZigBee blinds that connect right up to any home automation hub. Pretty cheap too, in the $100-200 range for most windows.

              I’m using several. Batteries are solid. I get a good 3 months with daily opening/closing. I only wish they had solar modules you could add in, but the battery tray design makes that unlikely.

          • Blue_Morpho@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            3 months ago

            It’s not zigbee or anything anyone else uses. Someone spent a little time with a software defined radio to decode some of the signal.

      • Ccninja86@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        3 months ago

        Yep fully agree on the exterior door locks. That is the one thing that should never be connected to anything even local servers. Also have to be careful with electronic locks in general. Some brands are terribly designed and can be bypassed in a stupidly easy way.

        I’m more of a middle-ground person myself. I have Home Assistant fully self-hosted and using a secure cloudflare tunnel for external access. A few other self-hosted containers running other various things. Anything exposed to the internet requires a login. I always try to find stuff that integrates with HA, but I don’t go to the full length of finding stuff that doesn’t require the brand app to setup. I like the local control stuff if I can get it, because it usually works a lot better, but I won’t actively avoid every brand that connects to a cloud somewhere because that’s too much effort to avoid for me.

    • EtherWhack@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      3 months ago

      There’s a difference between recognizing the risks of “smart” tech and knowing the futility of avoiding it -or- even better having the skill to mitigate as much risk as possible.

  • kittenzrulz123@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    144
    ·
    3 months ago

    Personally I love the idea of a smart home only if its self hosted and running on fully open source software, also never put a gun near an unattended printer :3

      • captainlezbian@lemmy.world
        link
        fedilink
        arrow-up
        7
        ·
        3 months ago

        I really need to get back into troubleshooting why it won’t work in my instance. Got into a habit of it but I got distracted by a crazy lady

      • abcdqfr@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        3 months ago

        Zwave is superior for not clogging up the 2.4GHz airspace, both are darling to use with hass. Wifi is a close third for usability but suffers from bogging local wifi/airspace without interoperability without a controller of some kind being online. Zigbee/Zwave both can function somewhat even with the local server offline

    • cynar@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      ·
      3 months ago

      Home assistant, as a central system (it basically let’s you wire anything into anything!). The smart switches etc should be esp8266 or esp32 based. You can then flash either tasmota or esphome to them.

      Since your server will likely be Linux based, it’s open source all the way to the bare metal, (or at elast as close as possible).

      My current system almost doesn’t notice if the Internet dies. Also, if you nuke critical components, in the worst case, it still defaults to dumb control behaviour (physical switches still work etc).

      I still know where the kill switches are however. I’ve also made sure it doesn’t have control of anything mobile, other than the robo vacs, and I’m fairly sure I could take them in a fight.

      • psud@aussie.zone
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        3 months ago

        as close as possible [to fully open source to the metal]

        Last I checked the only fully open stuff is one manufacturer’s IBM power 9 workstation and several Chromebooks

        Is it better in embedded stuff? Last openWRT device I ran needed a closed binary for network

        • cynar@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 months ago

          There’s still some various binaries. E.g. the expressif sdk generated code. However, it’s far harder to sneak something nasty into it.

          Codespace is at an extreme premium on microcontrollers. Kb, and even bytes matter. A big, complex bit of malware would take significant space, likely enough to be noticed quickly.

          As for smaller, simpler malware, this is a possibility. However, due to their nature, microcontrollers get a lot more scrutiny of their outputs. Random data dumps to an unexpected external address would be caught VERY quickly.

          This is compounded by the fact that it’s not uncommon, at least in larger installs, to segregate IoT devices from the main network. It stops them cluttering it up, and slowing it down. This makes it easy to firewall off the network from the Internet. They can talk to each other, and the central coordinator, but only the coordinator can see the internet, unless explicitly allowed.

          If my network were compromised via my smarthome setup, my first suspects would be the debian PC running home assistant, or my ubiquiti router. I’ve at least reduced my target area to business grade networking kit and a single Linux server. I’m not an impossible target, but far from a soft one.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      arrow-up
      51
      ·
      3 months ago

      Yup, my parents have Google Home and Alexa, and my brother has Alexa. And here I am, the only one in the family who works in tech with neither. In fact, I got a free Google Home and gave it away because I don’t want it anywhere near my home network.

      One of these days I’ll figure out how to DIY it, but until then, I just use my phone (GrapheneOS, so some protections there) to play music and look stuff up.

      • RandomLegend [He/Him]@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        17
        ·
        3 months ago

        With a bit of work homeassistant can be a quite good voice assistant.

        You can either revive some old android device and use that, or get an ECHO M5 for ~13€ and hook that one up.

        You can even run some local Ollama AI and use that for the voice assistant nowadays. It’s quite useful and home assistant can be integrated into music / audiobooks aswell with something like Music Assistant 2.0

      • brygphilomena@lemmy.world
        link
        fedilink
        arrow-up
        8
        ·
        3 months ago

        I like having something in the garage. It’s in a place where I only stay when I’m working on something and my hands are super dirty. It can be isolated to a vlan by itself.

        But if my hands are covered in oil. I like being able to yell at it to play music and not get one more thing dirty.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          arrow-up
          4
          ·
          3 months ago

          Makes sense. I’m also interested in getting something like it, I just don’t want anything by Google or Amazon, and I’ve been too lazy to go the DIY route.

          When I’m working in my garage, I’m usually listening to an audiobook, and all I need to do to pause is bump a button on the side with the back of my hand or something. Or sometimes I’ll listen to a playlist. But if I’m working on something in the garage, it’s usually not for very long (e.g. maybe an oil change, brake job, or headlights), so I’m usually in and out in 30 min to an hour. Some people love working in their garage though, I personally see it as a chore that I do to save some time and money.

          • brygphilomena@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            3 months ago

            Mine was a hacked Google home mini (physical hack, not software) where I took the speaker out to an aux jack to have it loud enough.

            I was in there for hours for all sorts of projects like engine and trans rebuilds.

      • grue@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        edit-2
        3 months ago

        I got a free Google Home and gave it away

        To an enemy, I hope! Otherwise, you should’ve just thrown it out, or stripped it for parts or something.

  • Localhorst86@feddit.org
    link
    fedilink
    arrow-up
    75
    ·
    3 months ago

    That’s bullshit. No one really does keep a gun next to their printer to shoot it in an emergency, the notion is just ridicolus.

    What if the printer grabs the gun first? You need to keep it out of reach of the printer.

    • Nasan@sopuli.xyz
      link
      fedilink
      arrow-up
      10
      ·
      3 months ago

      My printer sits on an activated trapdoor above a shark tank. I’ve spent so much on printers trying to learn all the normal noises. Also sharks, turns out ink in the tank is not great for them.

      • Warl0k3@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        3 months ago

        Really, you should upgrade to laser sharks. Toner is so much cheaper than bullshit price gouging inkjet ink, and I hear brother makes some great sharklasers that take generic toner…

    • Blackmist@feddit.uk
      link
      fedilink
      English
      arrow-up
      26
      ·
      3 months ago

      When I had my bathroom done, they put some speakers in the ceiling I could connect to with bluetooth, but in order to activate that I need to use a crappy app to swap them to speaker mode and turn them on.

      When I got a new phone, guess which app no longer works on versions of Android that Noah himself didn’t use to track his fucking animals?

      Bonus: Every power cut causes it to enter “detuned radio mode”, requiring me to find my old phone, charge it up enough to power on, connect to the speakers and switch them off.

      Never buy anything from EISSound.

      Really need to get around to figuring out the spec of the speakers so I can replace the controller…

      • kameecoding@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        6
        ·
        edit-2
        3 months ago

        See, this guy is not a programmer, you should have known to create a ubiquitous interface to use your speakers, some audio cable that you could connect to any device to implement the music playing capabilities, instead you jammed the implementation into a blackbox that now can’t be easily changed.

    • Avg@lemm.ee
      link
      fedilink
      arrow-up
      8
      ·
      3 months ago

      But people keep insisting that I print, sign and scan documents like we are living in the stone age of computing. I literally recently got a brand new in a box printer from 2008 just so I could do exactly that.

      • Mycatiskai@lemmy.ca
        link
        fedilink
        arrow-up
        5
        ·
        3 months ago

        Places don’t accept pdf files that have signature touchscreen signed signatures?

        I sold and bought a house without signing anything except the final papers at the notary. The mortgage, the realtor papers, the inspection all were signed on either a DocuSign page or on my phone with a stylus.

        • Avg@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          3 months ago

          I just got onboarded to a fortune 500 company as a consultant and that was the process.

    • psivchaz@reddthat.com
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      I got a Lexmark business laser printer from a place that was going out of business for like $50. Best investment I ever made. It just sits there quietly, not doing anything, until I print something like twice a year. Five years in and it still works fine, I haven’t even replaced the toner.

        • psivchaz@reddthat.com
          link
          fedilink
          arrow-up
          2
          ·
          3 months ago

          Alright, best is an exaggeration. But $5/print assumes it breaks before I print anymore. The actual value is still unknown.

  • MonkderVierte
    link
    fedilink
    arrow-up
    37
    arrow-down
    1
    ·
    edit-2
    3 months ago

    Your entire house is smart hackable and tracks your every step for advertising revenue of big companies.

    • λλλ@programming.dev
      link
      fedilink
      arrow-up
      31
      ·
      3 months ago

      My smart home is Home Assistant hosted on a server in my house. It’s fully open source and has gone through multiple paid audits to show its security is good too. The only non-local-only integrations are the weather api’s and my thermostat (ecobee).

      • MonkderVierte
        link
        fedilink
        arrow-up
        7
        ·
        edit-2
        3 months ago

        I mean yeah, it’s possible to set it up privacy-respecting and that’s great. But the average tech enthusiast doesn’t set up his own server beyound a NAS.

        • PieMePlenty@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          3 months ago

          Heh, I’d argue the average tech enthusiast is exactly the person that would set this up. If not them, then who is homeassistant for? I think modern tech enthusiasts are privacy conscious and will put in the small effort to enjoy that privacy. Its non-techies who wouldnt bother and just use the app it comes with.

        • λλλ@programming.dev
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          3 months ago

          At first, a lot. Not so much recently though. It’s definitely more work though I’ll admit. Sometimes that’s the price to pay for privacy. Also, I learn a lot of skills that could help me get a good paying job by doing it.

    • absGeekNZ@lemmy.nz
      link
      fedilink
      English
      arrow-up
      5
      ·
      3 months ago

      THIS

      I work with tech; other than in my home office; there is no tech in my house.

      The voice activated things…just no. I looked into Mycroft, which looks interesting, but is till a solution looking for a problem.

  • cmhe@lemmy.world
    link
    fedilink
    arrow-up
    33
    ·
    edit-2
    3 months ago

    I wish it was more common for printers to have or be supported by open source firmware. Maybe then I might start to trust them enough to buy one.

    • grue@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      ·
      3 months ago

      BRB, attaching a pen to my GRBL-based CNC and looking for a PostScript to G-Code converter…

      • The Pantser@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        3 months ago

        This is actually a really easy conversion for popular 3d printers like the ender3, there are so many plotter mods.

  • saltesc@lemmy.world
    link
    fedilink
    arrow-up
    26
    ·
    edit-2
    3 months ago

    I’m starting to get old.

    I can smart my house in a fully closed network and automate so much shit. But then I have to stay on top of it. I’m already at the point where it’s becoming a chore to catch up on the industry for new hardware for my rigs and I’ve done it so many times; it’s not fun anymore, it’s a job… I’m tired.

    Solace is found in my headphones and a fire pit. The day Steam becomes fuckery, I’m retiring from technology and fully absolving myself into disconnection.

    Hell of a time to be born, but fatigue.

    Edit: Ah, who amI kidding? I’m a career data analyst. I’ll be chasing digital dragons until I die

  • Aceticon@lemmy.world
    link
    fedilink
    arrow-up
    25
    arrow-down
    1
    ·
    3 months ago

    In more civilized countries, we keep a sledgehammer read to bash the printer with, rather than a gun.

  • chiliedogg@lemmy.world
    link
    fedilink
    arrow-up
    21
    ·
    3 months ago

    I’m paranoid at work because that’s my job.

    At home, I’m off the clock and my digital hygiene and organization is atrocious.

  • jg1i@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    ·
    3 months ago

    I program for a living.

    I can’t stand all the smart shit people talk about. I hate installing software updates. I hate having to download an app just to use some shitty hardware. I hate needing an internet connection to use something. I hate having to charge yet another device.

    I really hate software. I try to avoid it as much as possible.

    • ikidd@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      3 months ago

      There’s an offshoot of smart device enthusiasts that insist everything is local and reproducible. But if you don’t like software, it only makes it worse to try to keep things self-hosted, not to mention the learning curve is much, much steeper.

  • hperrin@lemmy.world
    link
    fedilink
    arrow-up
    18
    ·
    edit-2
    3 months ago

    I’m a tech worker, and I’ve got tons of smart things. They’re just all local. (Except my garage door opener. Man, fuck LiftMaster. Oh and my thermostat. Ecobee is ok, but I wish they would offer a local only option.)

    • psivchaz@reddthat.com
      link
      fedilink
      arrow-up
      15
      ·
      3 months ago

      RatGDO is a local ESP device you can hook into a LiftMaster to connect it to WiFi in a better way. Highly recommend.

      • Hathaway@lemmy.zip
        link
        fedilink
        English
        arrow-up
        4
        ·
        3 months ago

        This is awesome, as a small garage door business owner, I may start bringing these up. Though, I may be one of the few people that cares about this.

        I may get one, I’ve kept dumb motors for a long time to avoid any bs subscription to open my efing door.

      • ggiesen@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        I second that. Chamberlain’s/Liftmaster’s MyQ app grows more ad-infested by the day and the RatGDO gives you local control (no cloud required)

    • cum@lemmy.cafe
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 months ago

      Hopefully with Matter becoming more popular, it’ll make it easier to standardize local IoT devices.