Apple doesn’t tend to hand out their logo for industry groups and open source projects. That’s fine, it’s their support that matters. And it’s not like their name lacks brand recognition!
Here’s another example; same idea, different font:
Considering Apple, Amazon, and Google are already members of the Zigbee alliance, it makes you wonder why it had to be a new working group and not a new group within Zigbee.
Its like saying Cowboys, 49ers, Patriots, and the NFL join together to create a new football league.
> My understanding is that Zigbee works at the lower layers.
Zigbee is not IP. It's a completely different network, which is why many Zigbee based solutions often require a hub/gateway (which speaks both IP and Zigbee) to enable control via smart-phone apps or stuff like that.
To be honest, I'm pretty happy about that. The less my smart-devices has to do with my local wifi/LAN, the happier I am.
Not really sure I like the direction this is heading.
Not sure what the general state is now, but as a brand name it was one of the top most popular for at least a good year or two, back when I first got interested in home automation.
(The other two at the time were Z-Wave and X10, with X10 recommended against as obsolete/dying; I ended up settling on Z-Wave, so I stopped paying attention to Zigbee and other competitors)
From what I’ve read, Zigbee is for the rest of the world what Z-Wave is for the US, in terms of market share. Not sure how accurate that is, but from what I’ve seen, there are a lot more Zigbee devices here in Germany than Z-Wave, while most US sites talk about Z-Wave.
What Zigbee devices can you buy apart from Hue lamps? ZWave has been dominant for many years because there are hardly any Zigbee devices, be it in the US or in the EU. FWIW I'm in the Netherlands and have all ZWave, and when you look at e.g. the symcon.de forums, there are plenty of ZWave users in the EU (and Germany specifically).
The reason I can say my smarthome is relatively secure is explicitly because it doesn't use IP. It's good they're trying to standardize, but you're gonna have a problem when you try to use a firewall to inspect what these devices are up to and find that they're all making encrypted tunnels back to their home bases and won't work without them.
The high level of sophistication of IP networking and the fact that one small mistake could mean your devices access the Internet is why a network that doesn't talk IP is almost inherently safer than one that does.
It may seem trivial for those of us on HN to block IP devices from the internet, but the average user will not know how to do that effectively. They are also the ones who’s devices probably remain on a botnet undetected by their owners.
That said, most hubs (required for these types of devices) connect to the internet by default anyway. It does reduce risk a bit as vulnerability in a node isn’t exploitable remotely.
Most people are not going to buy a dedicated WiFi AP just for their home automation.
The benefit of Zigbee, even when using a hub, is that you don’t have all the actual devices on your network, calling home, and possibly opening up NAT traversal streams. You just need to worry about the hub. With WiFi devices, you need to worry about all of that for all of them.
Comcast and Verizon will dual stack you, sure. As the largest two ISPs, they're out of addresses. But a lot of other ISPs won't, my ISP doesn't support IPv6 at all.
I’m more talking about what people are actually aware of. Yes, most systems have IPv6 enabled and use it when possible, but it’s mostly invisible. When you login to a device to setup the IP address, it’s still almost always IPv4. That’s just for the internal networks, which is what most home users are thinking about on this topic.
Most wireless "smart" devices are IPv4 only but the RFC1918 space is sufficiently huge for a gone network. The annoying part comes in when you have to change the DHCP pool (lots of home hardware doesn't support multiple pools) and possibly re-ip your network. Why much with your network, just to reduce security? I'm a fan of zwave.
I'm on IPV4. It's not about how many IP addresses I have available, it's that all those smart devices can pollute the list of devices connected my wifi network.
I like to know what's on my wifi network, and because my memory isn't what it's used to be, I find myself having to assign names to all the smart wifi devices in my Unifi controller.
Sure, but I would still want to check that network's clients as well, so I would still want to identify the devices on that network to ensure that only my devices are on it.
Either way, it's still an additional step compared to Z-wave. Other than the hub, I don't need to set up an IP network for my Z-wave devices to connect to at all.
I mean, I’m using Z-wave too, but you’re describing the same level of complexity. Either you set up a dedicated WiFi network and check that to see the status of IoT devices, or set up a dedicated Z-wave network and check that for the status of devices.
For a z-wave device to pair to my hub, I need to put the hub itself in pairing mode.
Unlike wifi devices, a zwave device can't just join my hub by knowing an SSID and password.
Yes, I could do something similar with a wifi network and whitelisting mac addresses etc, but that's not nearly as simple as the way z-wave works.
[addendum] When I talk about checking my network, I'm also not talking about status. With wifi, I'm checking to look for unexpected clients. I occasionally have a temporary freakout when I see an unknown device on my wifi that ended up being something that I bought, added and forgot about (like a media player), etc. That's not a concern I ever have with a z-wave network.
I share your need to name all my devices in the controller view. Hopefully zwave has better security support than typical IoT devices. I'd really prefer to use certificates rather than WPA passwords because password rotation requires a) I give vendors my passwords which they may not really secure in any way, b) often requires I use a vendor tool to rotate said password.
It would be much preferable to have a standard way to store a certificate to the device. Today when the inevitable happens and someone leaves customer WPA passwords on an open S3 bucket, or they're exposed via cyber security break I have to update every device. It would be so much nicer to just go update my compromised device's certificate rather than the password for everything. Frankly I'd prefer certificates to passwords anyway because sooner or later I'm sure WEP2 itself will be broken.
This is false sense of security. Industrial SCADA and CAN networks have been found full of vulnerabilities because people assumed they were magically secure by simply not using IP.
You can easily isolate an IP network and inspect its traffic.
Seems like the sorta thing which has tons of buy in from teams that don't matter and the teams that actually need to be using this won't and it'll get abandoned in a few years.
Google (specifically, Nest) and Apple are both looking to displace other solutions in the market.
"Teams that don't matter" today. This market is absolutely rife with opportunity for someone to steal the whole thing with better UX and an interop promise.
Ha. Them? Forget it. The "Open Standard" will require phoning home to the manufacturer or it's "not certifiable". Trust these guys like your drug addict former friend.
I am curious if they will include cameras (security / door), because the characteristics of the payload are quite orthogonal to the characteristics of the payload of other smart home devices.
I think you’re right. Typical smart home coms being short little on/off or temperature up/down type commands vs. streaming/recording video and audio with some having two-way audio up to and including machine learning/AI for object detection which most likely is done remotely.
Lights and switches are generally basic async polling and commands versus live streaming video and constant video uploading to a cloud storage service.
A camera requires orders of magnitude more bandwidth and power than other devices that might be connected over a low-power, low-cost radio network. It needs to transmit that payload 24/7.
Currently, home automation typically uses a variety of custom protocols built on IEEE 802.15.4 (not 802.11*). It's a simple protocol that can be implemented by a cheap 8-bit microcontroller from 2 decades ago. Devices from one manufacturer may or may not communicate with those from another, and the network architecture is typically a hub with spokes - there's limited or no support for multi-router, multi-access point, or mesh networked setups.
This style of network honestly works pretty well for motion sensors, lights, outlets, temperature sensors, thermostats, etc. The master node might query a device every few seconds for a couple bytes of status, or might only send a short command when a user interacts with the device. Most smart home devices send a few bytes of data four times a day when you push "light on" and "light off" on the hub. This is great for operating for months or years on just a couple AA batteries. A camera sends a few bytes per pixel times (simplifying) 720 pixels down times 1280 pixels across times 30 frames per second times 86400 seconds per day, and can only run for an hour or two on a larger battery. That's almost 8 terabytes vs. 8 bytes.
But to use 802.15.4 networks, you need a hub, which is a barrier to entry - instead of one $20 light, you need a $15 light and a $50 hub. You likely already have an 802.11 router that could be the hub if the devices were smart enough to talk to it. And (tinfoil hat on) I think these companies would rather have their servers be the hub, rather than a device in your home they can't monitor and profit off of.
This is a very Hacker News answer, in that you wrote three dense paragraphs that are all technically correct, yet also completely divorced from our practical reality that has smart home cameras in it.
What is the obvious implementation out there? They just have both. They have the cheap 8-bit microcontroller from 2 decades ago transmitting on the low-bandwidth home automation network, and when it is decided that the camera should stream, it wakes up the beefy Ambarella or Socionext SoC to send its video feed over classic WiFi to the vendor cloud, and whoever wants to receive it just gets a stream URL back.
There are two aspects to most security cameras. The one everyone thinks of is video streaming - there’s plenty of standards for that, most notably RTSP and recently WebRTC. That’s probably out of scope for smart home protocols.
Totally in scope is provisioning, configuration, and notification of things it can detect such as motion. I’d anticipate those being managed as part of this new protocol, with streaming simply being to provide an endpoint address and maybe an authentication token to connect.
I doubt some of they PHYs have the bandwidth to support streaming video, but there have been some good efforts in the IETF to maximize streaming protocols over low-bandwidth connections.
But the whole point of CHoIP is that PHY doesn't matter, so you can configure your camera using IP messages over BLE, and then the camera connects to services over WiFi to stream.
right, but Zigbee just uses a generic 2.4GHz radio. There is nothing about the radio that "involves Zigbee". Some silicon vendors sell 2.4GHz radios that can run a BLE, Zigbee, or Thread networking stack.
Openthread is purely a networking solution. It does not address application-layer messaging. This effort is to unify the application layer. (ie, "light = on" messages).
The licensing is a bit poor. While openthread is open source, and the spec is public:
> "Membership in Thread Group is necessary to implement, practice, and ship Thread technology and Thread Group specifications."[1]. This seems to be a similar limitation to what prevents Zigbee from being in the Linux kernel, as commented elsewhere[2] in this thread.
In contrast, the Bluetooth SIG only requires a fee to be paid when you actually ship, as a once off not a yearly fee. The cost is roughly similar.
It looks like Connected Home over IP will be compatible with Thread - they are developing the stack on top of WiFi, Bluetooth and Thread: https://www.connectedhomeip.com/
> The goal of the Connected Home over IP project is to simplify development for manufacturers...
> The industry working group will take an open-source approach for the development and implementation of a new, unified connectivity protocol and increase compatibility for consumers.
Curious if I as a hobbyist will benefit from this? Or if this will become a: it works perfectly, but only if all your devices connect to our certification servers kind of thing, like Chromecast is becoming.
Perhaps. The Phillips Hue lights use an open standard, I bought a usb device that could talk it (ZigBee Light Link) but then it turned out that production devices used a master key.
Here's a discussion of the master key being leaked:
But I looked it it before that and never tried to look it up again.
So likely so, and with today's encryption it probably won't get hacked for hobbyists to use/learn/play but of course I guess the argument is that the Hue Bridge and other devices will have an API.
I can recall something along the lines: used to be like that with Light Link but as of Zigbee 3 it’s really interoperable all round (Hue hub registering third party devices and Hue lamps working with generic hubs.)
I’m still looking for other devices to mesh into a ZB3 network: I’d love to see an Opentherm capable controller able to use any connected thermometer and heating element valves to modulate heat flux production and distribution around my flat. Might be overthinking though... it’s so well thermally insulated.
My guess: first of all, "for security reasons" your DIY device will need to be certified, any existing SBCs will need to be replaced/extended to support new type of network and due to bloated protocol specs with a myriad of abstraction levels will render it almost impossible to implement it on your own and the open source library that can do that will implement the standard as specified whereas all proprietary solutions will have some quirks and little differences from official standard making it very hard to connect to anything from your open source lib. Also the sophistication of the new standard will exceed the capabilities of any arduino forcing you to replace any boards you have with new ones that have AVR uc with Connected Home hardware support.
Believe me, they will it will never find adoption. How to say, they are free to make whatever standards, but they will not matter much if nobody will use them.
Their entire ecosystem together have less devices shipped than even some OEM nonames, not to say of Xiaomi or Huawei or Tuya who tower over them.
All kinds of "smart assistants" like Alexa end up in drawers very quickly after initial novelty passes, and it creeping up you in the middle of a conversation gets annoying. From data I have, sales of those smart speakers is already starting to taper off.
In Russia, there is an idiom "to divide the cake before it's baked." And those guys are doing exactly that: people don't even know what those "connected home" devices are and which ones sell well, yet they are already eager make up standards for them.
Can confirm. My alexa went in the drawer after she was offering to call the crisis line for me during a spirited session of gaming.
I genuinely think the Amazon team (at least in that particular regard) want to do some good. But until they can teach their machines how to understand context, I just don't want my unfiltered conversations going around potentially to medical institutions or law enforcement.
Has anyone found Alexa way too easy to trigger? As someone who frequently talks about people with a similar name, I'm amazed at how often Alexa chimes in. I think 'OK Google' is at a sweet spot (although my parents for ages were convinced 'hi google' would work if they tried enough :)
For clarity, Alexa responded to my comments without being triggered. It's always listening (which makes sense, by virtue of listening for the trigger) but in this case, it reacted without the "Alexa" key word.
Id say yes. I just switched from google and feel like google was too buggy and slightly too hard to trigger. Alexa is too easy to trigger and has too many notifications.
Don't have an Alexa so can't comment on how easy it is to trigger, although I don't know any Alexes so it'd unlikely be a problem for me.
What I can say about the google equivelent is that I find saying 'Hey Google' everytime I want it to do something is a bit of a mouthful especially if you want to do several things is shortish succession.
And my other problem is that I apprently say 'OK Cool' too often when I'm on the desk phone at work as my google account is full of recordings of bits of my work phone convo's where I've triggered it unwittingly.
Sometimes mine starts responding to... nothing. As in, in the midst of silence in the middle of the night, like a dog barking at ghosts, it'll answer a question literally nothing asked.
> Can confirm. My alexa went in the drawer after she was offering to call the crisis line for me during a spirited session of gaming.
Wait, what? Please explain more.
It feels like you're saying Alexa heard you being ... passionate, and got concerned. But my understanding was that Alexa listens only after the trigger word. I'm really confused by what you've said and wish to know more context.
If you've ever owned a device like Alexa or Google Home what he said isn't confusing at all. They trigger accidentally all the time. His Alexa simply triggered when it wasn't supposed to and then reacted to what he was saying. Given he was gaming it was likely something about killing himself or someone else.
Huh, interesting. I have an amazon echo. My problem with it is not that it activates when I don't say trigger word, it's that I have to try very many times to get it triggered (usually by speaking louder).
It's impossible for me to say with certainty if it didn't just interpret something I said as it's trigger. Nevertheless, I was playing Halo online and yelling about a match going badly, saying something to the effect of "we might as well kill ourselves, this match is just not going our way" while laughing, and Alexa interpreted it as me contemplating suicide, and offered to connect me to a crisis line.
I am surprised this is how we have ended up. We have already had a pretty good looking model for this sort of voice activated computer interaction thanks to Star Trek: TNG.
It would be far more palatable for the devices to wait for a command cue ("Computer--") to respond with an activation bleep. After the bleep, the commands begin to be interpereted.
Instead we have a listener always awaiting commands. What could be a helpful and invisible servant is instead some kind of jerk who interjects with the most literal interpretations of normal conversations.
If I wake up in the morning feeling grumpy (every day) and say some crazy crap (totally possible) on my way to the can, will an apple contractor employee be able to figure out what the hell I really wanted by reviewing the seconds of audio?
I have made death threats to wall hanging photographs in those 30 minutes before my medication kicks in. There is no checkbox for this in the privacy settings. I know with some of these smart things you can change the prompt, but this feels like not the best we can come up with.
My experience is the opposite, basically every home I go to has an Alexa or a google home. It’s not doing too much typically managing lights/smart switches, and playing music.
Don't know much about russian idioms, but "splitting the <rewards x> before <accomplishing risky thing y>" sounds a lot like that stock thing the dutch east india company created
> any existing SBCs will need to be replaced/extended to support new type of network and due to bloated protocol specs with a myriad of abstraction levels will render it almost impossible to implement it on your own and the open source library that can do that will implement the standard as specified whereas all proprietary solutions will have some quirks and little differences from official standard making it very hard to connect to anything from your open source lib.
Whoa, is it really necessary to call BlueTooth out like that?
For anyone not following the the link, cptskippy has given a user perspective that summarises things nicely in my view:
“It's easier to tell when you're not using BLE. :)
The Tesla Model 3 uses traditional Bluetooth for phone calls and streaming but the Phone as a Key functionality is BLE. When you walk up to the car and try to open it and the car says FU then BLE isn't working.
When your Xiaomi Mi Band smartwatch hasn't buzzed all day but you pull your smartphone out of your pocket and have 8 missed calls, 100 messages, and 500 emails then BLE isn't working.
When you're at a Tech Conference and the Conference App uses BLE Beacons to help navigate you indoors and it can't determine your location then BLE isn't working.”
I really hope they recognize the need that people want to keep their data on their lan. Actually that would be required by the GDPR if they won't let me sign anything. My derived data is my own people, it does not belong to who ever collects it.
I.e. I just want a thermostat the is a big rotating button and speaks mqtt. It does not exist. If you want it to look good you end up with a Nest thermostat. Home Assistant needs to talk to the Nest online API, not to the device itself. Really annoying and unnecessary. I wish I could just pay 50$ more and get a Nest that does let me talk to it locally. Or whatever are they going to earn with my data? I'd probably pay it straight up.
If your device supports opentherm (which is not as open as you might think, btw) you might want to look into OTGW [0]. It probably works with Nest to if the Nest allows to run without internet at all.
To bad, my old heater had opentherm, with the OTGW I could intercept the packets between the heater and thermostat, change values (eg: date/time), issue commands (set room temperature) and add missing functionality (outside temperature for heating curve), it was ideal in every way.
But I moved and my current heater has a proprietary protocol over rs485 so its a no-go for the OTGW.
I had several Google Home devices, and you could not even boot them up unless you had a phone with an account that was opted into location history, web history, search history, and youtube watch history. Google has completely lost any concept of privacy.
I use Venstar thermostats with Home Assistant. They're totally fine, but wifi only I believe. Local API, so no cloud nonsense. I've been running them for about a year with no major problems.
They don't seem to be available in Europe, the thermostat market is surprisingly local, i.e. we also don't have Ecobee here. The Venstars do looks nice indeed.
>I really hope they recognize the need that people want to keep their data on their lan. Actually that would be required by the GDPR if they won't let me sign anything. My derived data is my own people, it does not belong to who ever collects it.
GDPR is a joke and easily bypassed because users are overwhemingly dumb and agree to anything without reading.
By making it online service dependent they don't have to care, the experience will be horribly degraded without signing in.
https://iot.mozilla.org -- can easily install the WebThings Gateway on a Raspberry Pi, or in a Docker container, or CLI install to a Linux box. It runs locally in your home. No cloud account, no cloud data center dependency, command and control accessible from the web UI served up by the home gateway. Local voice commands are possible too. My "home smart home" stays in my home. :)
Apple's existing standard (HomeKit) is relatively 'open' - the specification is published, and several open source implementations exist. I've used the Python one to implement automation on the smart-home devices I've built myself. However, you do need to be certified to distribute a product otherwise you get a warning in the app when you add the device.
Seems fair indeed. I did a quick search and HomeKit seems to work without an internet connection (on lan at least, not remote), what's your experience with that?
Yeah, it works completely locally on the lan - there's a MDNS discovery and then pairing process between devices and the phone.
You can access stuff remotely if you have an Apple device which is paired to the homekit stuff and connected to the internet (e.g. an Apple TV, we use an iPad which is always at home).
I've deliberately designed my system to work offline as while our connection's pretty reliable I don't see why I should need an internet connection to turn on a light! :)
> I don't see why I should need an internet connection to turn on a light!
I hope manufacturers see it the same way.
I don't mind devices having to be certified, I mostly want to buy hardware of the shelve anyways for safety and convenience reasons and build the controlling/automation part myself. So my biggest worries are not having a local API, data exposure and having to invest in a ecosystem and having the manufacturer brick it remotely, wasting my money.
At least for HomeKit, manufacturers have no choice but to support local network access to get certified. This has cause issues, especially with Cameras since HomeKit requires that camera streams not go through the cloud first.
It was a hardware auth chip, not DRM and it hasn’t been required for 2 years now. Software auth went live in iOS 11.3. Apple doesn’t encourage the chip anymore and AFAIK no one uses it (except legacy devices obviously). Software auth rules the day.
I think most major HA hardware providers support Homekit at this point, with the exception of ones that don't because of competitive reasons (Nest, maybe Ring, etc) or because of strict certification requirements (like camera streams being local, $$$).
> The HomeKit Open Source ADK is an open-source version of the HomeKit Accessory Development Kit. It can be used by any developer to prototype non-commercial smart home accessories. For commercial accessories, accessory developers must continue to use the commercial version of the HomeKit ADK available through the MFi Program.
So only the "device" part, sadly not the "controller" part. So you'll still need a iOS device to setup stuff in your house, I tried it yesterday with only my iMac to no avail.
> The goal of the first specification release will be Wi-Fi, up to and including 802.11ax (aka Wi-Fi 6), that is 802.11a/b/g/n/ac/ax; Thread over 802.15.4-2006 at 2.4 GHz; and IP implementations for Bluetooth Low Energy, versions 4.1, 4.2, and 5.0 for the network and physical wireless protocols.
> The Project intends to leverage development work and protocols from existing systems such as: Amazon’s Alexa Smart Home, Apple’s HomeKit, Google’s Weave, Zigbee Alliance’s Dotdot data models
Dotdot is basically ZCL over IP (in a way), but comes with a lot of legacy from ZCL.
Thread was my hope for a unified smart home network layer, but it didn't really get the adoption I'd hoped, and from a manufacturer's perspective, it did not include any application-layer messaging.
It looks like the goal is to standardize the application layer messaging (of which Dotdot was an attempt). Maybe call it Dotdot v2, but with better backing.
this is a good step. i worked in automation/controls (commercial, residential and industrial) for almost a decade (2000-2009) and personally dealt with the nightmare of interop. the number of times i had to glue disparate control systems together with relay closures and switch inputs was insane. and yeah, we had these issues with wireless. it was compounded by the company i worked for supporting enocean, zwave and zigbee.
i wish the harder i pressed the trackpad the more votes you would get. I remember smart home standards being talked about and published around 1999. Like another poster mentioned, X10 was a big thing around then even though it came out in the 70s.
Zigbee is already an open standard, but some Zigbee devices don't work with others. Yet, with Z-Wave they all tend to work and there isn't that much of a price difference (between Zigbee and Z-Wave devices). The biggest problem with Zigbee is that is uses 2.4 GHZ which doesn't travel long distances or through walls very well. Z-Wave uses a lower frequency that does. (edited for clarity)
The UK, national smart meter effort. Sub gig, supported by three silicon providers did Zigbee sub-gig for the last mile, tough to penetrate homes and buildings. Running 3.0 on which means it will port very easily but sub-gig is much more regulated country by country than 2.4.
You can search. This article covers the initiative but doesn't call out the sub-gig detail:
https://telecoms.com/opinion/467631zigbee-and-the-smart-mete...
In a real situation this usually doesn't cause issues. Most of the zigbee devices that you're gonna have (such as light bulbs) are also acting like a zigbee router and it creates a mesh network.
You can even visualise the network if you're using zigbee2mqtt with zigbee2mqtt/bridge/networkmap
That is true provided that you have devices that correctly act as routers. Sometimes it requires extra repeaters to make the network function correctly as well. Then there is the interference issue from WIFI and Bluetooth devices.
I have about 20 Z-Wave switches in my home, spread across 4 models and 2 brands. There were noticeable differences in response time, both from the physical button and over Z-Wave, when comparing brands. And even the most reliable brand for me (Aeotec) has had issues with the network being a little laggy. That's still a success in my books, though; I have bought Z-Wave devices that do not play nicely at all.
On the other hand, my Philips Hue lights have all been absolutely flawless. They fire on time, every time.
I think implementation of the standards matters a lot more than the standard itself, in practice.
I agree that the lag time is a bit higher on Z-Wave, partially because of the slower transmission speed. Plus does help that a bit. The number of hops can affect it as well, though they are limited in Z-Wave vs Zigbee which allows for more.
Even bigger problem with 2.4 GHz is that the frequency is oversaturated and most Zigbee channels at least partially overlap with WiFi channels. I had pretty bad interference in my home before I moved my Zigbee and 2.4G wifi channels as far apart as possible.
Just yesterday Aqara (Xiaomi) launched their Amazon storefront. All their devices are Zigbee and had mostly only been available from places like Aliexpress. Zigbee is far from a dead standard.
I think Zigbee is in the uptick. Philips Hue works with it. Ikea is aggressively pushing products. There is (was? website recently went down, perhaps it has something to do with this announcement) DotDot (https://en.wikipedia.org/wiki/ZigBee#Cluster_Library) based on Thread. Which is used by Nest/Google.
I want a super secure hub that everything connects to. The hub is the only thing that speaks to my router. The hub is super secure & doesn't let devices send data back to their manufacturer. If I buy cheap devices off a flea market like Amazon, I want to sleep safe & know that the hub is preventing that device from messing with any other devices or accessing the internet. The hub can send me notifications and I can send it requests. It would be cool if I could choose to have the main hub database & software based in the cloud or on my local network.
Not sure if this is already possible. If it is, I would love to hear more.
This is how ZigBee and Zwave work. The devices form their own network for inter-device communication (it can be setup so a switch talks directly to a bulb, so even if the network is unreachable it still works) and then you use a hub to orchestrate that and provide functionality such as phone control via an app. That can be something simple like a Philips Hue hub, or something more complex like SmartThings, or you can roll your own using Home Assistant and a dongle.
The problem with these protocols is although they are more or less open, device manufacturers need to pay to be certified.
Even if the hub was actually secure this still does not prevent from someone near to your house to talk to the devices directly (this applies especially to wireless devices). The hub you described would prevent from the remote attacks only
not only that. One insecure system in the area could be infected and then controlled to attack other networks in the area. With a high density of IoT devices you could have malware spreading wirelessly device-to-device.
Also with a wide IoT adoption with such devices being used by public/utilities companies (smart street lamps, leakage monitoring in pipes, smart electric grid etc) you don't even need a densely populated area to have that problem.
>I am more concerned about the bigger threat, global attacks.
I once read something among the lines that IT security needs its own Pearl Harbor event. I can neither quote it exactly or attribute it to any source
Apple, Amazon, and Google are fundamentally opposed to a model that sells devices that don’t phone home - their whole purpose is to capture value by creating lock-in for surveillable hosted services
Seconded. Apple, Amazon and Google have very different goals for your data. This is just a transport layer. Your privacy from the mother company isn’t impacted by the transport layer, but rather where they put the “brains” of your smart home.
While all using the same transport layer they can continue to utilize different “brain” strategies.
Apple’s “brain” has always been in your home where your data belongs and should stay. Google started with the cloud but is moving towards the same model.
On the other hand Amazon seems to have no qualms slurping everything out of your home to their servers and no plans to change.
Yep. And it's Apple that's pushing for a HomeKit router [1].
Reading between the lines of how Apple's been handling the "smart home" business, they've been focusing on privacy and security relative to competitors, but it's been holding them back.
I think the market has kind of shown that privacy (e.g. devices that aren't streaming to / dependent on the cloud) and security have not been primary concerns of the people who buy smart home devices, but solving those problems better may be key to enlarging the "smart home" market to include normal people.
Not sure I understand. I am pretty sure you have been to remotely control Homekit since the beginning, originally by utilizing an Apple TV 3rd generation, and subsequently with iPads, Apple TV 4th gen/Apple TV 4K, and now HomePods.
what do people mean when they say security for smart home devices? if the "launch ICBM" port is open on a device on your LAN doesn't an attacker still have to traverse your router to get to it? Otherwise, an attacker would have to get access to your LAN. Is something like that what you mean?
1. Their lightbulbs to not be co-opted into DDoS attacks
2. That their cameras are only used by them
3. That others can't control their devices
4. That their devices receive security updates
5. That their devices don't contain back-doors
6. That their devices can be used when isolated from the Internet
Wifi is a poor choice for this because it uses a lot of power. Lots of things that connect to a smart hub are tiny sensors that use expensive batteries.
> The project is built around a shared belief that smart home devices should be secure, reliable, and seamless to use. By building upon Internet Protocol (IP), the project aims to enable communication across smart home devices, mobile apps, and cloud services and to define a specific set of IP-based networking technologies for device certification.
Yet I don't see any mention of making those being able to work completely offline/standalone.
We rely too much on cloud services that ultimately get turned off after an undetermined about of time.
There is no way I am buying home automation equipment I cannot control myself, especially in a situation where the giants like Google could simply decide to terminate my account because I said or did something they didn't like and take down related systems with it.
Reading though it seems like a common universal standard that fully removes the need for third party services as all devices will adhere to a common standard. (I"m sure all of these will offer third party apps and all that still) but if you look at something like Homekit smart plugs, you can configure many of them without ever using anything but the Home App, just scan and go. Done right, this standard could make these devices never need third party services, just local networking. Seems like the goal, obviously I agree with you that it should be a stated priority.
"Since your recent comment does not meet our Community Standards(tm) your account has been suspended for a period of 28 days*. Additionally you will not be able to turn on the lights during that period and your microwave usage will be limited to 90 seconds daily."
I'm not sure what you are expecting here. CHoIP would define messaging that certified products must implement, meaning that an Amazon device and an Apple device would send the same message to a Phillips light to turn it on, and that message would be carried over IP.
The messaging would be agnostic of where the source is. It could be a device in the local network, or it could be a cloud-based service (assuming you open up your network).
HomeKit, for example, works locally, either over BLE or WiFi.
I am personally really against my IoT devices being able to "speak" TCP/IP, I want them to use dumb radios (Z-wave or if I must, Zigbee) that cannot talk to the internet. I get the draw of Wifi/IP devices but I avoid them at all costs. I don't want 10's or 100's of devices on my network that all are talking to servers in China.
I bought a few cheap POE Chinese cameras that I use with Zoneminder but they are all blocked from any internet access except talking to Zoneminder (local).
>I don't want 10's or 100's of devices on my network that all are talking to servers in China.
I definitely agree, although I'd expand that to "talking to any servers at all anywhere for anything I don't explicitly grant permission for". However for that very reason I prefer WiFi/IP devices, because it makes it very easy and straight forward to apply all the powerful network management tools we have for everything else. All devices can go on their own VLANs for example, with careful management and logging of how they communicate. The real shame is that there aren't better, more consumer friendly tools for managing that more visually/automatically.
Custom radios aren't any inherent defense there, already there have been demonstrations of getting right into Z-wave/Zigbee networks using customized SDRs. They have a purpose from an ultra low energy and meshing point of view, but you should be suspicious of what security practices for such things will actually be. WiFi/IP at least has the benefit of tons of open attention and development for security critical situations already.
You've made some very good points and better explained what I really want. I also will admit that using existing tools to create VLANs to "quarantine" the devices is an option. That said (and you touched on this) the average consumer is not prepared to deal with any of that, maybe that will change but as of today it's not easy or even possible with most consumer-grade hardware.
As for Z-wave/Zigbee, I could be missing a potential security hole but personally I am less concerned with my Z*-devices being hacked and more concerned with IP-devices being hacked and being able to talk to other IP-based devices on my network.
For example, it would suck to have someone be able to hack my door or lights but it wouldn't be the end of the world AND it requires physical access/proximity. This is quite different from someone on the other side of the globe being able to hack a device, hack other devices on my network (non-IoT), and then do something malicious (ransomware, identity theft, etc).
>That said (and you touched on this) the average consumer is not prepared to deal with any of that, maybe that will change but as of today it's not easy or even possible with most consumer-grade hardware.
Right, at one point it looked like something like UniFi could show the way there, but Ubiquiti unfortunately has turned into a development dumpster fire and really lost its way, and I don't know of anyone else attempting something similar. The principle remains though that it's another path forward, there are already powerful tools for network control and management, and there are accessible open standards there. Putting a better UX on that is worth considering alongside other solutions is all.
>As for Z-wave/Zigbee, I could be missing a potential security hole but personally I am less concerned with my Z-devices being hacked and more concerned with IP-devices being hacked and being able to talk to other IP-based devices on my network.
For example, it would suck to have someone be able to hack my door or lights but it wouldn't be the end of the world AND it requires physical access/proximity.
A lot depends on where you live. A few years ago for example there were a bunch of articles and demonstrations coming from research into and discovery of vulnerabilities in the ZigBee protocol itself. Because the whole point of it is meshing, if you're in an urban or even suburban environment with sufficient density, then a neighbor being hacked could then hack their neighbors etc in a chain reaction. And of course people had fun immediately putting SDRs on drones and doing a fresh new take on good 'ol war dialing, flying around owning anything they came across. Random example article:
Picked verge vs NYT since I don't think they're paywalled? Lots more though a quick DDG away covering the same thing at the time.
With meshing though, you do have to be somewhat careful about the concept of "proximity" and so on if there are protocol layer problems, which is less of a concern on WiFi for better and for worse. Your home might be locked down, but are you sure your neighbor or neighbor's neighbor and so on and so forth down the chain all have no entry point? I 100% grant it's more of a long term scalability consideration right now for many people, but hey, we're talking about a future protocol here!
I haven't followed the AmpliFi line closely to know if it has easy VLAN support but yeah... I really like the UniFi offerings but a fulling working UniFi system (excluding the UDM) costs ~$800 from my last estimate. I'm saving for it but that's cause I'm a weirdo who enjoys those kinds of things.
If you don't mind me asking what networking stack are you using?
Also thank you for the very well thought out and reasoned reply! I wasn't fully aware of some of those attack vectors.
Lastly I think I've been so anti-wifi IoT because of the inherent security issues with literally everything currently on the market. I see the wifi IoT as a bubble about to pop unless routers gain security features for IoT or some other major changes are made to how they work today.
Sorry for the slow reply, and I see you've got (and made) one other response. As far as what stack I'm using, on my test lab it's a big mix of course, but my main personal stack right now is UniFi dating back from quite a few years ago. However, I really want to reemphasize my "dumpster fire" aside: I strong DON'T recommend getting into UniFi right now if you're starting fresh, or at least, if you do be really careful about it. It hasn't been that obvious from the outside if you didn't know what to look for, but from an community and heavy use perspective it's clear Ubiquiti has been having major internal developer issues for a few years now at least. The CEO is apparently pretty toxic, but whatever the reasons are the result has been a major stagnation of the line, both for hardware and software, rapidly increasing technical debt, and a lot of extremely confused moves that seem to amount to easy bikeshedding because real engineers weren't available. I started to get into some of the gory details but am just deleting that paragraph, it's not really relevant here. But to take a specific example, that security gateway you were looking at, which is necessary if you want to use UniFi for L3 features, basics like DNS (which incidentally is also half-assed) etc, is a good 5 years old now. They introduced the "UniFi Security Gateways" and then refreshed them... never. The software for those is stagnant, and core software (like Strongswan for VPN) are often horribly out of date. It chokes doing much of anything interesting, would be obliterated in perf by a current RPi. The switches aren't in quite so dire straights, but for the money they too now have the smell of obsolescence. Ubiquiti has no decent L3 story for 2019/2020, no move to competitive faster networking, and a lot of cruft built up because they like to introduce new things but not just update and replace old ones.
Having said all that, their PtP/PtMP links are still nice. Their APs are solid overall, and do have nice industrial design (though no word on WiFi 6, which for a new install I'd consider fairly important). The interface has degraded significantly over the last few versions, but it's still better and more unified than any other I know of. I mean, I'm still running it myself after all. But if you go that route know what you're getting into and look hard for open box and used stuff that'll be cheap. And I'd honestly suggest not bothering with the cloud key and just running the controller yourself, on an RPi or similar if you want something dedicated but cheap or else spin up a VM or container, or even just run native I guess if you've got a server you run otherwise. The CK is also ancient.
In summary: I adored UniFi, and the potential was(is?) fantastic, and their old vision was fantastic, and at one point they were a really solid venture all around. And I know of nothing else with the same vision either. Yet even so I'm expecting to have to dump it overall in the next few years, which sucks. But long bitter experience has taught me that glorious turnarounds are much more the exception than the rule :(.
Holy shit this an amazing reply and I couldn’t be happier you took the time. I had read some about of the issues you you talked about but you highlighted even more.
I might go down the secondhand/used route if I do decide to do it. Right now I’ve got a single all-in-one router running LEDE and I like it but I’m not able to reach more than 60% of my fiber internet so I’ve been looking to upgrade. I decided that if I was going to throw a couple hundred at it I figured I might as well go all in.
It’s always sad to see a company throw away such a promising future. I saw their new AmpliFi “Alien” router and I’m half tempted to buy that and wait a few more years for a better option to present itself. Or even the UDM but it seems like a very odd offering to me... I guess I’ll keep looking, thank you again for the advice.
I would agree but there is quite a benefit to having these smart devices connect to technology already in the home. With the absence of a proprietary radio, it's easier for me to control them as well.
I currently have firewall rules on my network that blocks all communication between my smart devices and the internet. They can only communicate on the LAN and cannot send/receive information outside of the network.
I feel like if more proprietary communication protocols were implemented it would be hard to determine which devices were communicating, and which are accessing the internet(for example if a device has an embedded LTE chip to make up for lack of WiFi connectivity).
Can anyone recommend a method* without Wifi? Isn't there a method for "smart outlets", main scheduler, etc over electrical lines rather than bluetooth, wifi, etc? Method* == standard, or product line. [yes i used pointer and equality symbols oddly]
Edit: basically looking for a way to avoid more wireless transmitters in the house. Or are all outlets "receive only"?
The previous generation of smart home devices was called X10, and it used signals over power lines.
I gather it was:
- slow
- might have required you to make a connection in your circuit breaker
- and was designed in the 1970s, when home electrical systems weren't very noisy (apparently all the switching power adapters we have today make a ton of noise and make it hard for the signal).
I don't see why something newer like this couldn't be done -- we have powerline modems, right? Probably not as fast as wifi, but it does go where it is needed and requires physical access to hack.
Some devices are using Zigbee (a different wireless system), but I understand it was developed without security and isn't hard for third-parties to hack into.
I remember X10! The whole "over powerline" thing was a real possibility back in the day but it required all transformers to have a small modification done to them and that killed it IIRC. You could certainly do it in your home though.
> - might have required you to make a connection in your circuit breaker
That's one way to do it. Another way just requires a bypass and filter at your circuit breaker what is much simpler and doesn't have to connect anywhere else.
> - and was designed in the 1970s, when home electrical systems weren't very noisy
This is where things got worse, and then they got better. Yes, electrical lines are very noisy, but the 200Hz - 100kHz band is only getting cleaner. Electric motors will interfere with it, so you may need a filter on your blender (but even it is much better now), but this is the prime band for electrical wiring.
Also, on chasd00 comment that it requires capacitors bypasses on transformers, that's only true on the higher bands, and only on devices you want connected to the network. So only the smart devices need to adapt.
To expand on the circuit breaker item above: Because most of the outlets in your home are split between two phases of AC, it meant that the X10 transmitter would only be able to talk to half your power outlets (and you didn't know which half ahead of time), unless a phase coupler was wired into your breaker box that would repeat the signal on the outlets connected to the other phase.
Insteon is the closest thing to a successor to X10, and it still supports a lot of the old protocol. You can certainly setup an insteon system for basic stuff (Scenes, etc) without an Internet-connected hub at all.
It would be nice if such standard supported Publisher-Subscriber style of messaging. For example alarm could subscribe to events from motion sensors and security cams (a camera in addition to providing a stream could push events like motion detection) or heating controller could subscribe to temperature change events. To make security of that realistic this would need some form of ACL, probably centrally[0] controlled.
[0] central as in "home router" not as "somewhere in the cloud"
Thanks, it looks really interesting and seems to do what I just described. The thing it lacks though is - in my opinion - RPC-style messages. For example an alarm controller could subscribe to motion events, but when such an event occur it should be able to turn on sound-device immediately or shut some locks. The one-to-one communication as described here:
https://github.com/mqtt/mqtt.github.io/wiki/one_to_one
seems more like a hack than a proper solution.
The current trend of using async logic via message passing to maintain state is extremely error-prone and I personally consider it nondeterministic if it uses timeouts (which is pretty much the entire internet currently).
A much better system works more like Firebase, where clients can subscribe to change events but also have access to a single tree that holds the latest agreed-upon state. I'd recommend something like a distributed hash table (DHT) so that the entire state doesn't have to be downloaded by each client. The state itself should probably be binary JSON to start with, but the standard should be loose and allow for XML or anything else. This would take us to something more UNIX-like, where devices can be thought of as processes interacting via a single shared memory, and abstract away the tedious/brittle/insecure interconnect layer. It should also support unreliable message passing like UDP for realtime support, which is required for simulations and gaming (there is a higher than 50% risk of the protocol omitting this or getting it wrong).
After writing this out, I just realized that what I really want is an Actor model for IoT, where each device is completely isolated but communicates over channels like Elixir/Erlang or Go. I've come to reject both async and concurrent shared mutable memory because they each have major drawbacks. But I think that synchronous functional programming with primarily immutable variables and no shared mutable memory, building up a last known-good state inspectable by anyone with privileges is the future. The state could/should have something like an access control lists (ACL) and/or a permissions system. Ideally this should be hierarchical just like Firebase, and probably use a similar rule-based logic, to facilitate assigning roles to each client.
It's trivial to demonstrate that once you have this, you can build any other seemingly complex abstraction above it like a database or game server. We have been missing this abstraction for several decades so we keep witnessing company after company reinvent the wheel. As far as I know, the only attempt to do this is RethinkDB:
As usual, I would gladly work on a project like this, but there is currently no funding mechanism to support foundational open source projects like this with market-rate pay.
How would you solve access permissions in DHT? What if a node in DHT holds data that it is not granted to read? This would imply encryption of the data to prevent unauthorized reads - this does not really seem as a complicated problem - the data could be encrypted with only the nodes granted the read access having the decryption key(s). What seems harder to me is write permissions - if the data is encrypted/signed, only those nodes that have been granted permissions (and thus have copies of keys) would be able to overwrite/change that data. So the node that holds the data would not be able to overwrite it if it does not have r/w access to that piece of data. Nothing prevents from removing this data though. (I'm assuming the possibility of some nodes being malicious)
The usual solution for this is that the data must be signed by a specific private key; possession of that key grants write permission. A generation count or timestamp is embedded in the signed data to ensure that newer data cannot be replaced with obsolete data. Malicious nodes can still block updates from being distributed, though, so you need more than one path to seed the data into the network.
I'm not sure for DHT. But in Firebase the permissions are handled as user access rules written in Javascript, returning boolean true or false if the user has the ability to read/write the node and if the data being written passes a validation check:
So Firebase permissions really have more to do with the identity layer than keeping the data secret.
I think that probably everything should be encrypted anyway. This was a largely solved problem even in the 90s, and embedded devices are about as powerful as the 386 and 68030 computers popular then.
We really need a distributed SSL identity layer though. Something like letsencrypt.org except the client's identity would come from the social proof of its peers instead of a central organization. Maybe this is already a solved problem in OpenSSL? I only understand symmetric key encryption, but not the man in the middle protections that SSL certificates provide. To me, p2p identity and encryption should have been a foundational pillar of the internet, not some controversial afterthought like we think of it today.
I have 40+ ZWave+ devices and they work great with Home Assistant. From lights to fans to all kinds of sensors, the mesh network seems to have good range and latency (as long as your controller isn't really close to interference).
Definitely don't use older ZWave devices, only ZWave Plus certified ones. This ensures the network is fully encrypted and allows for greater range and throughput.
My next fun project is automating the watering of pots and the garden. Going to combine a ZWave-controlled solenoid with drip irrigation and some Home Assistant smart logic (daily rain, sun hours, humidity, temperature) to handle it.
I will never use these devices. I think those that do are opening themselves up to hackers, law enforcement and criminal abuse. This is clearly something that should be Open Source/ Open Bonnet or closed to my home.
I'd never use it myself excepting maybe video only for a burglar alarm, but because Marshall worked on home automation protocols, he loves this stuff. I always had nightmares the damn "smart light bulbs" in the 2nd street office were listening in on our conversations.
363 comments
[ 4.4 ms ] story [ 319 ms ] threadI wonder if it's official or just a workaround due to the fact that all the other logos have names and not just an icon like the standard Apple logo.
Here’s another example; same idea, different font:
https://aomedia.org/membership/members/
Its like saying Cowboys, 49ers, Patriots, and the NFL join together to create a new football league.
Zigbee is not IP. It's a completely different network, which is why many Zigbee based solutions often require a hub/gateway (which speaks both IP and Zigbee) to enable control via smart-phone apps or stuff like that.
To be honest, I'm pretty happy about that. The less my smart-devices has to do with my local wifi/LAN, the happier I am.
Not really sure I like the direction this is heading.
In that regard I much prefer non-IP based devices.
(The other two at the time were Z-Wave and X10, with X10 recommended against as obsolete/dying; I ended up settling on Z-Wave, so I stopped paying attention to Zigbee and other competitors)
I'm not sure I see much z-wave stuff (at least here in Australia)
And Google Trends has zigbee far higher up than z-wave for google trends in Germany [0] vs USA [1}
[0] https://trends.google.com/trends/explore?geo=DE&q=zigbee,z-w...
[1] https://trends.google.com/trends/explore?geo=US&q=zigbee,z-w...
It may seem trivial for those of us on HN to block IP devices from the internet, but the average user will not know how to do that effectively. They are also the ones who’s devices probably remain on a botnet undetected by their owners.
That said, most hubs (required for these types of devices) connect to the internet by default anyway. It does reduce risk a bit as vulnerability in a node isn’t exploitable remotely.
Yes, it's an extra device, but so is the Zigbee hub.
The benefit of Zigbee, even when using a hub, is that you don’t have all the actual devices on your network, calling home, and possibly opening up NAT traversal streams. You just need to worry about the hub. With WiFi devices, you need to worry about all of that for all of them.
It's also a little annoying having a pile of wifi devices whose only purpose is to manage an on-off state consume IP addresses on my network.
The better argument would have been that using a /23 or /22 subnet should probably be enough for most home automation setups.
Not sure if this is what they’re referring to, but possible.
I like to know what's on my wifi network, and because my memory isn't what it's used to be, I find myself having to assign names to all the smart wifi devices in my Unifi controller.
Either way, it's still an additional step compared to Z-wave. Other than the hub, I don't need to set up an IP network for my Z-wave devices to connect to at all.
Unlike wifi devices, a zwave device can't just join my hub by knowing an SSID and password.
Yes, I could do something similar with a wifi network and whitelisting mac addresses etc, but that's not nearly as simple as the way z-wave works.
[addendum] When I talk about checking my network, I'm also not talking about status. With wifi, I'm checking to look for unexpected clients. I occasionally have a temporary freakout when I see an unknown device on my wifi that ended up being something that I bought, added and forgot about (like a media player), etc. That's not a concern I ever have with a z-wave network.
It would be much preferable to have a standard way to store a certificate to the device. Today when the inevitable happens and someone leaves customer WPA passwords on an open S3 bucket, or they're exposed via cyber security break I have to update every device. It would be so much nicer to just go update my compromised device's certificate rather than the password for everything. Frankly I'd prefer certificates to passwords anyway because sooner or later I'm sure WEP2 itself will be broken.
You can easily isolate an IP network and inspect its traffic.
You cannot easily inspect less common protocols.
Obscurity and lack of tools never helps security.
"Teams that don't matter" today. This market is absolutely rife with opportunity for someone to steal the whole thing with better UX and an interop promise.
how so?
Currently, home automation typically uses a variety of custom protocols built on IEEE 802.15.4 (not 802.11*). It's a simple protocol that can be implemented by a cheap 8-bit microcontroller from 2 decades ago. Devices from one manufacturer may or may not communicate with those from another, and the network architecture is typically a hub with spokes - there's limited or no support for multi-router, multi-access point, or mesh networked setups.
This style of network honestly works pretty well for motion sensors, lights, outlets, temperature sensors, thermostats, etc. The master node might query a device every few seconds for a couple bytes of status, or might only send a short command when a user interacts with the device. Most smart home devices send a few bytes of data four times a day when you push "light on" and "light off" on the hub. This is great for operating for months or years on just a couple AA batteries. A camera sends a few bytes per pixel times (simplifying) 720 pixels down times 1280 pixels across times 30 frames per second times 86400 seconds per day, and can only run for an hour or two on a larger battery. That's almost 8 terabytes vs. 8 bytes.
But to use 802.15.4 networks, you need a hub, which is a barrier to entry - instead of one $20 light, you need a $15 light and a $50 hub. You likely already have an 802.11 router that could be the hub if the devices were smart enough to talk to it. And (tinfoil hat on) I think these companies would rather have their servers be the hub, rather than a device in your home they can't monitor and profit off of.
What is the obvious implementation out there? They just have both. They have the cheap 8-bit microcontroller from 2 decades ago transmitting on the low-bandwidth home automation network, and when it is decided that the camera should stream, it wakes up the beefy Ambarella or Socionext SoC to send its video feed over classic WiFi to the vendor cloud, and whoever wants to receive it just gets a stream URL back.
Totally in scope is provisioning, configuration, and notification of things it can detect such as motion. I’d anticipate those being managed as part of this new protocol, with streaming simply being to provide an endpoint address and maybe an authentication token to connect.
But the whole point of CHoIP is that PHY doesn't matter, so you can configure your camera using IP messages over BLE, and then the camera connects to services over WiFi to stream.
On the surface this "appears" very similar.
EDIT: Yes I'm aware the software layer is different, I was inferring the radios are the same.
Yes the software layer is different.
In contrast, the Bluetooth SIG only requires a fee to be paid when you actually ship, as a once off not a yearly fee. The cost is roughly similar.
[1] https://www.threadgroup.org/ThreadSpec [2] https://news.ycombinator.com/item?id=21825822
> The industry working group will take an open-source approach for the development and implementation of a new, unified connectivity protocol and increase compatibility for consumers.
Curious if I as a hobbyist will benefit from this? Or if this will become a: it works perfectly, but only if all your devices connect to our certification servers kind of thing, like Chromecast is becoming.
Here's a discussion of the master key being leaked:
https://news.ycombinator.com/item?id=9249753
But I looked it it before that and never tried to look it up again.
So likely so, and with today's encryption it probably won't get hacked for hobbyists to use/learn/play but of course I guess the argument is that the Hue Bridge and other devices will have an API.
I’m still looking for other devices to mesh into a ZB3 network: I’d love to see an Opentherm capable controller able to use any connected thermometer and heating element valves to modulate heat flux production and distribution around my flat. Might be overthinking though... it’s so well thermally insulated.
oooooo.
Also, using mobile.twitter.com (as linked) I see a single reply, if I delete `mobile.` I see no replies. Interesting.
Their entire ecosystem together have less devices shipped than even some OEM nonames, not to say of Xiaomi or Huawei or Tuya who tower over them.
All kinds of "smart assistants" like Alexa end up in drawers very quickly after initial novelty passes, and it creeping up you in the middle of a conversation gets annoying. From data I have, sales of those smart speakers is already starting to taper off.
In Russia, there is an idiom "to divide the cake before it's baked." And those guys are doing exactly that: people don't even know what those "connected home" devices are and which ones sell well, yet they are already eager make up standards for them.
I genuinely think the Amazon team (at least in that particular regard) want to do some good. But until they can teach their machines how to understand context, I just don't want my unfiltered conversations going around potentially to medical institutions or law enforcement.
What I can say about the google equivelent is that I find saying 'Hey Google' everytime I want it to do something is a bit of a mouthful especially if you want to do several things is shortish succession.
And my other problem is that I apprently say 'OK Cool' too often when I'm on the desk phone at work as my google account is full of recordings of bits of my work phone convo's where I've triggered it unwittingly.
https://youtu.be/J9gUIhkzNDk
Wait, what? Please explain more.
It feels like you're saying Alexa heard you being ... passionate, and got concerned. But my understanding was that Alexa listens only after the trigger word. I'm really confused by what you've said and wish to know more context.
It would be far more palatable for the devices to wait for a command cue ("Computer--") to respond with an activation bleep. After the bleep, the commands begin to be interpereted.
Instead we have a listener always awaiting commands. What could be a helpful and invisible servant is instead some kind of jerk who interjects with the most literal interpretations of normal conversations.
If I wake up in the morning feeling grumpy (every day) and say some crazy crap (totally possible) on my way to the can, will an apple contractor employee be able to figure out what the hell I really wanted by reviewing the seconds of audio?
I have made death threats to wall hanging photographs in those 30 minutes before my medication kicks in. There is no checkbox for this in the privacy settings. I know with some of these smart things you can change the prompt, but this feels like not the best we can come up with.
This can be turned on in the Home app → Accessibility → "Play start sound" (as well as "Play end sound").
That's the guy who flopped with Silk Labs labs.
Whoa, is it really necessary to call BlueTooth out like that?
“It's easier to tell when you're not using BLE. :) The Tesla Model 3 uses traditional Bluetooth for phone calls and streaming but the Phone as a Key functionality is BLE. When you walk up to the car and try to open it and the car says FU then BLE isn't working. When your Xiaomi Mi Band smartwatch hasn't buzzed all day but you pull your smartphone out of your pocket and have 8 missed calls, 100 messages, and 500 emails then BLE isn't working. When you're at a Tech Conference and the Conference App uses BLE Beacons to help navigate you indoors and it can't determine your location then BLE isn't working.”
I.e. I just want a thermostat the is a big rotating button and speaks mqtt. It does not exist. If you want it to look good you end up with a Nest thermostat. Home Assistant needs to talk to the Nest online API, not to the device itself. Really annoying and unnecessary. I wish I could just pay 50$ more and get a Nest that does let me talk to it locally. Or whatever are they going to earn with my data? I'd probably pay it straight up.
[0] http://otgw.tclcode.com/
That does mean some systems are not available at all, so "luckily".
[1] https://hubitat.com/
GDPR is a joke and easily bypassed because users are overwhemingly dumb and agree to anything without reading. By making it online service dependent they don't have to care, the experience will be horribly degraded without signing in.
This seems like a fair compromise to me.
You can access stuff remotely if you have an Apple device which is paired to the homekit stuff and connected to the internet (e.g. an Apple TV, we use an iPad which is always at home).
I've deliberately designed my system to work offline as while our connection's pretty reliable I don't see why I should need an internet connection to turn on a light! :)
I hope manufacturers see it the same way.
I don't mind devices having to be certified, I mostly want to buy hardware of the shelve anyways for safety and convenience reasons and build the controlling/automation part myself. So my biggest worries are not having a local API, data exposure and having to invest in a ecosystem and having the manufacturer brick it remotely, wasting my money.
Not a good idea with OEMs, and that's why I believe they gave up the white flag now: no adoption.
They are either jump on the smart home bandwagon now, or never.
Most OEMs chose APP + own protocol approach
I've been using it on a Raspberry Pi to control various things and recently decided to shape it up and release it to the public.
So only the "device" part, sadly not the "controller" part. So you'll still need a iOS device to setup stuff in your house, I tried it yesterday with only my iMac to no avail.
But still it's a step in the right direction.
CHoIP will define application-layer messaging that runs over IP, regardless of PHY.
So, you can run CHoIP over 6lowpan (this is essentially what CHoIP on Thread would be).
https://tools.ietf.org/html/rfc7668
> The goal of the first specification release will be Wi-Fi, up to and including 802.11ax (aka Wi-Fi 6), that is 802.11a/b/g/n/ac/ax; Thread over 802.15.4-2006 at 2.4 GHz; and IP implementations for Bluetooth Low Energy, versions 4.1, 4.2, and 5.0 for the network and physical wireless protocols.
> The Project intends to leverage development work and protocols from existing systems such as: Amazon’s Alexa Smart Home, Apple’s HomeKit, Google’s Weave, Zigbee Alliance’s Dotdot data models
Dotdot is basically ZCL over IP (in a way), but comes with a lot of legacy from ZCL.
Thread was my hope for a unified smart home network layer, but it didn't really get the adoption I'd hoped, and from a manufacturer's perspective, it did not include any application-layer messaging.
It looks like the goal is to standardize the application layer messaging (of which Dotdot was an attempt). Maybe call it Dotdot v2, but with better backing.
Randall gets it [1].
[1] https://xkcd.com/927/
You can even visualise the network if you're using zigbee2mqtt with zigbee2mqtt/bridge/networkmap
On the other hand, my Philips Hue lights have all been absolutely flawless. They fire on time, every time.
I think implementation of the standards matters a lot more than the standard itself, in practice.
Zigbee is pretty much a zombie standard now
- Philips Hue
- Xiaomi
- IKEA
- Sonoff
Rhetorical question.
I want a super secure hub that everything connects to. The hub is the only thing that speaks to my router. The hub is super secure & doesn't let devices send data back to their manufacturer. If I buy cheap devices off a flea market like Amazon, I want to sleep safe & know that the hub is preventing that device from messing with any other devices or accessing the internet. The hub can send me notifications and I can send it requests. It would be cool if I could choose to have the main hub database & software based in the cloud or on my local network.
Not sure if this is already possible. If it is, I would love to hear more.
The problem with these protocols is although they are more or less open, device manufacturers need to pay to be certified.
I get if you live in a densely populated area that drive-by type attacks would be very concerning.
not only that. One insecure system in the area could be infected and then controlled to attack other networks in the area. With a high density of IoT devices you could have malware spreading wirelessly device-to-device. Also with a wide IoT adoption with such devices being used by public/utilities companies (smart street lamps, leakage monitoring in pipes, smart electric grid etc) you don't even need a densely populated area to have that problem.
>I am more concerned about the bigger threat, global attacks.
I once read something among the lines that IT security needs its own Pearl Harbor event. I can neither quote it exactly or attribute it to any source
While all using the same transport layer they can continue to utilize different “brain” strategies.
Apple’s “brain” has always been in your home where your data belongs and should stay. Google started with the cloud but is moving towards the same model.
On the other hand Amazon seems to have no qualms slurping everything out of your home to their servers and no plans to change.
The more you know.
Reading between the lines of how Apple's been handling the "smart home" business, they've been focusing on privacy and security relative to competitors, but it's been holding them back.
I think the market has kind of shown that privacy (e.g. devices that aren't streaming to / dependent on the cloud) and security have not been primary concerns of the people who buy smart home devices, but solving those problems better may be key to enlarging the "smart home" market to include normal people.
[1] https://www.computerworld.com/article/3446197/why-we-need-ap...
1. Their lightbulbs to not be co-opted into DDoS attacks 2. That their cameras are only used by them 3. That others can't control their devices 4. That their devices receive security updates 5. That their devices don't contain back-doors 6. That their devices can be used when isolated from the Internet
... I imagine.
I see zero reasons to rationalise the need to buy yet another white box for the buyer.
Think why they can't sell much of these
Yet I don't see any mention of making those being able to work completely offline/standalone.
We rely too much on cloud services that ultimately get turned off after an undetermined about of time.
There is no way I am buying home automation equipment I cannot control myself, especially in a situation where the giants like Google could simply decide to terminate my account because I said or did something they didn't like and take down related systems with it.
The messaging would be agnostic of where the source is. It could be a device in the local network, or it could be a cloud-based service (assuming you open up your network).
HomeKit, for example, works locally, either over BLE or WiFi.
I bought a few cheap POE Chinese cameras that I use with Zoneminder but they are all blocked from any internet access except talking to Zoneminder (local).
I definitely agree, although I'd expand that to "talking to any servers at all anywhere for anything I don't explicitly grant permission for". However for that very reason I prefer WiFi/IP devices, because it makes it very easy and straight forward to apply all the powerful network management tools we have for everything else. All devices can go on their own VLANs for example, with careful management and logging of how they communicate. The real shame is that there aren't better, more consumer friendly tools for managing that more visually/automatically.
Custom radios aren't any inherent defense there, already there have been demonstrations of getting right into Z-wave/Zigbee networks using customized SDRs. They have a purpose from an ultra low energy and meshing point of view, but you should be suspicious of what security practices for such things will actually be. WiFi/IP at least has the benefit of tons of open attention and development for security critical situations already.
As for Z-wave/Zigbee, I could be missing a potential security hole but personally I am less concerned with my Z*-devices being hacked and more concerned with IP-devices being hacked and being able to talk to other IP-based devices on my network.
For example, it would suck to have someone be able to hack my door or lights but it wouldn't be the end of the world AND it requires physical access/proximity. This is quite different from someone on the other side of the globe being able to hack a device, hack other devices on my network (non-IoT), and then do something malicious (ransomware, identity theft, etc).
Right, at one point it looked like something like UniFi could show the way there, but Ubiquiti unfortunately has turned into a development dumpster fire and really lost its way, and I don't know of anyone else attempting something similar. The principle remains though that it's another path forward, there are already powerful tools for network control and management, and there are accessible open standards there. Putting a better UX on that is worth considering alongside other solutions is all.
>As for Z-wave/Zigbee, I could be missing a potential security hole but personally I am less concerned with my Z-devices being hacked and more concerned with IP-devices being hacked and being able to talk to other IP-based devices on my network. For example, it would suck to have someone be able to hack my door or lights but it wouldn't be the end of the world AND it requires physical access/proximity.
A lot depends on where you live. A few years ago for example there were a bunch of articles and demonstrations coming from research into and discovery of vulnerabilities in the ZigBee protocol itself. Because the whole point of it is meshing, if you're in an urban or even suburban environment with sufficient density, then a neighbor being hacked could then hack their neighbors etc in a chain reaction. And of course people had fun immediately putting SDRs on drones and doing a fresh new take on good 'ol war dialing, flying around owning anything they came across. Random example article:
https://www.theverge.com/2016/11/3/13507126/iot-drone-hack
Picked verge vs NYT since I don't think they're paywalled? Lots more though a quick DDG away covering the same thing at the time.
With meshing though, you do have to be somewhat careful about the concept of "proximity" and so on if there are protocol layer problems, which is less of a concern on WiFi for better and for worse. Your home might be locked down, but are you sure your neighbor or neighbor's neighbor and so on and so forth down the chain all have no entry point? I 100% grant it's more of a long term scalability consideration right now for many people, but hey, we're talking about a future protocol here!
Gonna be another exciting decade I guess :)
If you don't mind me asking what networking stack are you using?
Also thank you for the very well thought out and reasoned reply! I wasn't fully aware of some of those attack vectors.
Lastly I think I've been so anti-wifi IoT because of the inherent security issues with literally everything currently on the market. I see the wifi IoT as a bubble about to pop unless routers gain security features for IoT or some other major changes are made to how they work today.
I have a UniFi AP for WiFi, and a EdgeRouterX for route/switch. Of course the EdgeRouterX does not have the Fancy UniFi Management Portal but...
That was alot less than $800, I think I maybe have $125 in the hardware
* Cloud key
* 4-port POE switch
* Security gateway
* WiFi AP
I wanted to go all-in if I did it.
Having said all that, their PtP/PtMP links are still nice. Their APs are solid overall, and do have nice industrial design (though no word on WiFi 6, which for a new install I'd consider fairly important). The interface has degraded significantly over the last few versions, but it's still better and more unified than any other I know of. I mean, I'm still running it myself after all. But if you go that route know what you're getting into and look hard for open box and used stuff that'll be cheap. And I'd honestly suggest not bothering with the cloud key and just running the controller yourself, on an RPi or similar if you want something dedicated but cheap or else spin up a VM or container, or even just run native I guess if you've got a server you run otherwise. The CK is also ancient.
In summary: I adored UniFi, and the potential was(is?) fantastic, and their old vision was fantastic, and at one point they were a really solid venture all around. And I know of nothing else with the same vision either. Yet even so I'm expecting to have to dump it overall in the next few years, which sucks. But long bitter experience has taught me that glorious turnarounds are much more the exception than the rule :(.
I might go down the secondhand/used route if I do decide to do it. Right now I’ve got a single all-in-one router running LEDE and I like it but I’m not able to reach more than 60% of my fiber internet so I’ve been looking to upgrade. I decided that if I was going to throw a couple hundred at it I figured I might as well go all in.
It’s always sad to see a company throw away such a promising future. I saw their new AmpliFi “Alien” router and I’m half tempted to buy that and wait a few more years for a better option to present itself. Or even the UDM but it seems like a very odd offering to me... I guess I’ll keep looking, thank you again for the advice.
Was hoping to start with an extra AP or two for wifi coverage and then build out the rest in time.
Edit: basically looking for a way to avoid more wireless transmitters in the house. Or are all outlets "receive only"?
I gather it was:
- slow
- might have required you to make a connection in your circuit breaker
- and was designed in the 1970s, when home electrical systems weren't very noisy (apparently all the switching power adapters we have today make a ton of noise and make it hard for the signal).
I don't see why something newer like this couldn't be done -- we have powerline modems, right? Probably not as fast as wifi, but it does go where it is needed and requires physical access to hack.
Some devices are using Zigbee (a different wireless system), but I understand it was developed without security and isn't hard for third-parties to hack into.
Yep, that's inherent.
> - might have required you to make a connection in your circuit breaker
That's one way to do it. Another way just requires a bypass and filter at your circuit breaker what is much simpler and doesn't have to connect anywhere else.
> - and was designed in the 1970s, when home electrical systems weren't very noisy
This is where things got worse, and then they got better. Yes, electrical lines are very noisy, but the 200Hz - 100kHz band is only getting cleaner. Electric motors will interfere with it, so you may need a filter on your blender (but even it is much better now), but this is the prime band for electrical wiring.
Also, on chasd00 comment that it requires capacitors bypasses on transformers, that's only true on the higher bands, and only on devices you want connected to the network. So only the smart devices need to adapt.
[0] central as in "home router" not as "somewhere in the cloud"
I have just been playing around with IoT devices and was just trying to set it up.
https://en.wikipedia.org/wiki/Distributed_shared_memory
https://en.wikipedia.org/wiki/Software_transactional_memory
https://en.wikipedia.org/wiki/Consensus_algorithm
https://en.wikipedia.org/wiki/Raft_(computer_science)
https://en.wikipedia.org/wiki/Distributed_hash_table
The current trend of using async logic via message passing to maintain state is extremely error-prone and I personally consider it nondeterministic if it uses timeouts (which is pretty much the entire internet currently).
A much better system works more like Firebase, where clients can subscribe to change events but also have access to a single tree that holds the latest agreed-upon state. I'd recommend something like a distributed hash table (DHT) so that the entire state doesn't have to be downloaded by each client. The state itself should probably be binary JSON to start with, but the standard should be loose and allow for XML or anything else. This would take us to something more UNIX-like, where devices can be thought of as processes interacting via a single shared memory, and abstract away the tedious/brittle/insecure interconnect layer. It should also support unreliable message passing like UDP for realtime support, which is required for simulations and gaming (there is a higher than 50% risk of the protocol omitting this or getting it wrong).
After writing this out, I just realized that what I really want is an Actor model for IoT, where each device is completely isolated but communicates over channels like Elixir/Erlang or Go. I've come to reject both async and concurrent shared mutable memory because they each have major drawbacks. But I think that synchronous functional programming with primarily immutable variables and no shared mutable memory, building up a last known-good state inspectable by anyone with privileges is the future. The state could/should have something like an access control lists (ACL) and/or a permissions system. Ideally this should be hierarchical just like Firebase, and probably use a similar rule-based logic, to facilitate assigning roles to each client.
It's trivial to demonstrate that once you have this, you can build any other seemingly complex abstraction above it like a database or game server. We have been missing this abstraction for several decades so we keep witnessing company after company reinvent the wheel. As far as I know, the only attempt to do this is RethinkDB:
https://en.wikipedia.org/wiki/RethinkDB
Unfortunately, I'm not sure if it's still supported:
https://rethinkdb.com/blog/rethinkdb-shutdown/
https://lwn.net/Articles/713716/
As usual, I would gladly work on a project like this, but there is currently no funding mechanism to support foundational open source projects like this with market-rate pay.
The usual solution for this is that the data must be signed by a specific private key; possession of that key grants write permission. A generation count or timestamp is embedded in the signed data to ensure that newer data cannot be replaced with obsolete data. Malicious nodes can still block updates from being distributed, though, so you need more than one path to seed the data into the network.
https://firebase.google.com/docs/rules
https://firebase.google.com/docs/rules/rules-language
So Firebase permissions really have more to do with the identity layer than keeping the data secret.
I think that probably everything should be encrypted anyway. This was a largely solved problem even in the 90s, and embedded devices are about as powerful as the 386 and 68030 computers popular then.
We really need a distributed SSL identity layer though. Something like letsencrypt.org except the client's identity would come from the social proof of its peers instead of a central organization. Maybe this is already a solved problem in OpenSSL? I only understand symmetric key encryption, but not the man in the middle protections that SSL certificates provide. To me, p2p identity and encryption should have been a foundational pillar of the internet, not some controversial afterthought like we think of it today.
Definitely don't use older ZWave devices, only ZWave Plus certified ones. This ensures the network is fully encrypted and allows for greater range and throughput.
My next fun project is automating the watering of pots and the garden. Going to combine a ZWave-controlled solenoid with drip irrigation and some Home Assistant smart logic (daily rain, sun hours, humidity, temperature) to handle it.
It seems entirely possible to put voice recognition on local machines with downloaded updates, but of course they're never going to do this.