Tell HN: Ambi Climate is closing down. Now I have 5 worthless units
Ambi Climate made a nifty system for remote controlling heat pumps.
Now the company is shutting down and I have 5 remote control devices that will become worthless since they require connecting to their cloud services to be able to change the temperature on my unit.
This is highly frustrating.
The units work well.
This has made me much more aware of all the different products I buy that are entirely worthless if the "service / hosting" company shuts down.
I will try to make an effort to buy "non cloud" devices but it seems like a challenge.
I wish Ambi Climate would release a version of the app that allows only temperature adjustment and on/ff.
8 comments
[ 3.6 ms ] story [ 15.6 ms ] threadIt's not the first cloud dependent device I've had bricked like this, I've got to stop buying these kind of products. I've also got to figure out some kind of local AC control in the next two months.
At least Ambi Climate will be doing some kind of partial refund to customer depending on when you bought it.
We have a lot of winter storms here, and power and/or cable or fibre can be broken by a tree.
To be unable to change the temp for a couple of days would seem highly inconvenient, so naturally I'm doubly nervous about such things. (I have a generator just in case).
But anything cloud connected, as a necessity? Nope. Never. It just leaves so much variability to your time and money.
https://valetudo.cloud/
https://www.reddit.com/r/homeautomation/
Maybe it can be solved with a simple firmware patch.
Generally, I'd recommend capturing the cloud traffic while you still can. Including the procedure that joins it to your Wi-Fi network! This will make things much much easier for you.
Check if it is encrypted at all. If not and if there is no magic authentication mechanism that uses secrets on the device, you might be able to mock the cloud quite easily.
If it is, check if it's implemented properly. Does it use HTTP? Is it HTTPS? if so, does it validate certificates correctly? Can you just give it something else? A self-signed one? A valid one for a different domain?
Does it use something self-built with static keys?
If that fails, the next thing to do would be to take a look at the hardware.
The Ambi Climate Mini 2 looks the most hackable of their products as it comes with an ESP32 and tooling for that is readily available. Maybe it could run Tasmota?
And people say yeah the EULA said they could sell your data but that's justification for this bad situation.