i am just starting out with openHAB. Are the hardware bindings only approved that are compliant with the cloudless ideal, or are there bindings for cloud dependent products too?
after watching this compelling video from Kai Kreuzer https://youtu.be/DYB20Y4jXnA about how openHAB is designed to help people design and build smart homes that are cloud connected, but not cloud dependent.
i was blown away that he had the same focus that i did when i first took the plunge into smart homes a couple of years ago when i researched the crud out of the phillips hue starter set and nest thermostat. i bought the phillips hue set and have been super happy. the internet can go down and it works just fine wirelessly on my home wifi.
the nest, at least at that time seemed disturbingly dependent on an internet connection to work correctly, if i remember correctly, but i have NOT bought that.
but if this is the vision of both me and Kai Kreuzer, just as important as the openHAB platform would be a list, that could be maintained by the community probably of recommended cloudless hardware.
certainly this topic has been covered somewhere else, but i have not found the answer in the community.
I am not aware that such a list exists, nor am I aware that such a requirement would exist. Quite a few devices can be run locally (although being cloud connectable), such as you already noticed with hue; Tradfri from Ikea and TPlink power switches is another example that comes to mind; some you have to configure (my most recent experience here is with Shelly bulbs) to be local only, others you have to flash (ITEAD devices) to break them out of the cloud.
But if you look beyond devices, other integrations make cloud connections necessary: most voice integrations, alexa, google and homekit of course, and some database integration for persistence will require cloud access. Don’t forget that openHAB has it self a cloud service: myopenhab.org.
So the whole picture is a little more nuanced.
i hope that people will watch at least the first part of this video. there isn’t much nuance in my way of thinking. i want devices and services that respect my desire for privacy. i do not want the cloud. there is no cloud. just other peoples computers, with data breaches in the news every day.
some things like my credit card and store accounts, i don’t have a choice, my information is out there. as for my optional connections to the cloud, like my smart home devices, i want to avoid them. having my cake and eating it too is being intelligent or thoughtful enough to leverage the choices i have whether or not i am willing to compromise my privacy just for conveniences.
even as a technology enthusiast, i still realize that these conveniences would not have been missed even 20 years ago. so is automation worthwhile? absolutely! at risk of someone else controlling my house? no way. if i really want cloud integration, i can even roll my own cloud, right?
is this way of thinking so far off of the vision Kai Kreuzer started with?
your reply helps, thank you. i am totally willing to jailbreak devices to fit my needs and will look into the ones you mentioned. ideally the manufacturers will respond if the market demands cloudless devices.
Most of the smarts in the Nest are in the device. It works just fine as a stand alone device. But external control, like from OH does require internet.
OH has 333 2.x version bindings with another 50 awaiting approval. Each binding represents a technology (e.g. zwave) or API (e.g. OpenWeatherMap). Creating any sort of list of supported hardware is a HUGE effort that would take many man years of volunteer effort and which would never be up to date. Even if one were to limit it to non-cloud based devices, the list would be in the tens of thousands.
You will not find any centralized lists of supported devices. It’s just too much work, no one is willing to volunteer to do it, and the benefits are questionable given the cost of the work.
What you will find is a list of bindings which will tell you what technologies/APIs are supported and one can usually tell pretty easily whether Internet access is required. But it is going to require just a little bit of research on your part.
For openHAB, yes. But for some other technology or devices like Nest, no.
In my experience, most home automation enthusiasts are a little more pragmatic about this. For example, if you are only worried about privacy alone then “no cloud allowed” it is. However, if you are also concerned about your network security and have a requirement to be able to access your home automation while not at home, or to get notifications from your home automation when not at home are you going to punch a hole in your firewall? That is a HUGE security risk. I’d only recommend doing that if you really know what you are doing. And if you really know what you are doing, you wouldn’t consider doing it in the first place.
So maybe deploy your own instance of the openHAB cloud on AWS (other people’s computers) or use myopenhab.org. You might be trading a little privacy for security gains in other areas.
All of these sorts of decisions should be made based on a risk benefit basis. And thus “the whole picture is a little more nuanced” not only from how do you identify what devices support local control only, but each individual’s assessment of risk/benefit trade offs.
i have noticed you spend a lot of time helping people in this community, maybe one of the top contributors to the community, so you must have the patience of a saint and a heart of a servant, so thank you for what you do!
so… with respect, i have a vpn setup on my synology router that allows me to monitor my security cameras while away that works great, and doesn’t seem particularly risky. am i missing something? i figured that when the time comes, i will use vpn to access any home automation or messaging if i decide that would even be necessary.
i love having a conversation about philosophy of use or appropriate application of openHAB, before i dive into the deep end of the learning curve.
So long as you know how to and actively monitor it for attacks and keep both the server and clients up to date, and take actions to mitigate any unfixed CVEs you are probably reasonably safe. Though I do highly recommend both password and certificate authentication to give you two factor.
Fail2Ban is also a nice way to slow down automated attacks.
This is a bit more difficult to do. They’re really are not any local services I know of that have a phone app that lets you send notifications “on your LAN” as it where. I suppose hosting your own instance of openHAB Cloud might be an option. I don’t know how it works when everything is local.
But also think of this. 90-95% of OH users would not know how to set up a VPN and know to and how to keep it secured. That’s why we have my openhab.org. To give less technically knowledgeable users a safe way for remote access.
Ultimately, OH is made for a host of different types of users. From the adverage Joe to the most technical DIY electronics enthusiasts. The anti-cloud cohort is really a small minority of OH users. While OH will allow and support such users as much as it can, the vast majority of OH users just want it to work with what ever technology or API they happen to have, cloud or not. So you will never see OH dropping support for cloud based apis.
i think having the system send me sms through email or something like that would be a safe way of getting alerts or notifications from home.
and the more i learn, the more intimidating security is. i have been looking at mycroft.ai for the voice / notifications and just read this sobering article…
everything is changing so quickly. i watched elon musk telling joe rogan yesterday that the number one concern he has about the future is ai, and he has had no luck to get anyone in the us govt to pay attention and get ready for what is definitely coming
I’ve always found that if a device doesn’t support 802.11 things its typically not a cloud based solution.
Also instead of SMS, I’ve really come to enjoy telegram as my notification method; it can be tricky to get going as you have to get some important things from your bot account. However when done the rule is simply:
sendTelegram( "bot1", "Thermostat updated to " + nestaway )
But both of those are cloud services. At least in that they both require “other people’s computers”.
Have you seen this?
That’s a pretty good mitigation.
And they’re other was to mitigate. All of the Google Home devices (I believe, at least the ones I possess) have a physical microphone switch.
And also, consider what it takes to pull an attack like that off. You would either need to hack into someone’s radio or TV to play the secret command, or you would basically need to have close to physical access to the device at which point you have bigger problems to deal with than someone ordering a bunch of socks from Amazon.
He certainly believes that it’s coming and is comming soon. But his opinion is definitely in the minority. AI can do some amazing things and they’re certainly is a lack of an ethics guide like there exists for science and medicine which is a major concern. But AI is a long way away from the sort of thinking and ability that would justify the fear people like Musk and Kursweil (I’m sure I misspelled his name but he has made a career beating the drum about AI and the Singularity). I recommend listening to some lectures by John Searle to kind of balance your exposure to fears of AI. I’ve real problems with Searle too (he’s come up with The Chinese Room argument against AI but he fails to prove that the way the brain works isn’t a Chinese room itself) but at least he isn’t fear mongering.
This takes us back to lipp_markus’s “it’s nuanced”. For example, Shelly and anything flashed with Tasmota will work on 802.11 but neither requires a cloud to operate. Some (but not all) wifi power outlets can be controlled locally without a cloud service.
back to my original question, what about color coding, like red for cloud dependent or blue for cloud enabled / cloudless bindings? obviously the process of getting bindings approved by Kai Kreuzer or his team is non-trivial, and in that process he or his team certainly know whether or not the binding is cloud enabled or cloud dependent. does anyone think that may be a reasonable / useful feature request?
Usually, yes. I had my first run in via Nest which is still in place but I have dumbed it down a lot as its “smarts” kept kicking the temps on while no one was home; possibly due to traffic going by or some other factor (which is difficult to track down when you are never home). I have OH control all the settings and based all the various changes on Astro season changes and like that flexibility a lot more than what Nest offers itself.
I used WeMos for a short while and eventually replaced them with zwave as I had issues any time I reboot/restarted OH; it was only two light switches; so more of a lesson learned vs lost time and while controllable from OH (not sure if it worked like Nest) don’t like that my switches show up in a cloud without first asking to be put there.
Lifx is my most recent purchase, I needed these as my bedroom was designed with a dual slider switch; changing to a zwave switch and I lost light control as its a fan/light combo. With Lifx they turn on automatically when power is restore to the fan but OH turns the lights off when the thing comes online vai a rule. Lifx gives you the option to stay out of the cloud or to create the bulbs in a cloud space.
i only have one right now, the ihome isp6x, and it works beautifully to turn the outside heater on/off for my dog house, but i feel like i had to sell some small part of my soul for that one. it just works, and i’m not sure how, which makes me a little queasy. if the internet goes out, i am afraid my dogs could freeze here in michigan. btw, we had a biblical weather event in the last 24 hours here that mad the national news, lol.
Co-worker of mine has one of these for his hottub/christmas lights and seems to work well for his needs:
GE Z-WAVE PLUS PLUG-IN OUTDOOR SMART SWITCH 14284
i have actually been considering dumping hue for lifx, because i still am required to go through the hue website to authorize control. that stuff creeps me out. yes, i am a control freak. i originally went to school for electronics 20 years ago with one thought that keeps me going today… i am not comfortable not knowing why things work. and now that so much cool open source hardware coming on the market (my newest favorite here… https://openthings.io) we can really start to own our things instead of having a pentalobe screw telling us we are just using our $1250 device, we don’t really own it.
my ultimate goal with all of this is designing a smart greenhouse that controls temperature and humidity and having an app to monitor and control all the variables.
I’ve found with OH you don’t need an app, you need hardware that reports in values and you have rules in place to automate things or leverage telegram and receive notification that something is wrong. You can combine the automation results with telegram; if temp/humidity is over a certain amount then kick off water sprinkler and send notification with what was done and report the values that triggered the rule.
GSM diallers sold as e.g. intruder alarm accessories. Install a SIM card like a cellphone. Usually pre-programmed SMS or voice message, triggered by simple contacts. Models exist with a half-dozen different triggers/msgs.
Great for “panic” messages, not so good for flexible messaging.
actually, if the you know what ever hits the fan, it’s one of the most reliable infrastructures that’s still available. probably more reliable than the power grid, imho.
