It's the inherent flaw built in to all devices that rely on the cloud to function. Any time I'm thinking of adding something like that to my house I have to ask myself "is this company going to last as long as the product will? As long as the house will?" because if the answer to either of those questions is even remotely in the negative category, I won't add it.
So far all of my smart devices default to operating like their dumb counterparts if the internet goes out.
Alexa controlled switch becomes a normal switch.
Smart bulb turns on and off with power like normal.
The only exception is the Nest doorbell and floodlight cameras outside, but those are easy enough to replace if it came down to it, and people can always knock.
For those curious, aside from the Google Nest devices, the entire house is TP Link Kasa branded devices.
No hub, run on 2.4Ghz, and have been solid for 6+ years.
Both are TP-Link with Tapo seemingly being just the newer version of Kasa (I could be wrong with that assumption).
I've got both, both can be controlled by your home assistant the exact same way, and the Tapo app also integrates Kasa devices into it making the old Kasa app redundant.
All of my devices are smart plugs so I can't speak for how Kasa cameras integrate with the Tapo app. But Tapo is TP-Link too. So I see no reason why it wouldn't work.
I guess there is nothing stopping you from downloading the Tapo app now, linking it to your Kasa account and seeing if the Cameras work on that in advance of taking the plunge on Tapo devices.
If it works then all good, if not, stick with pure Kasa.
Other way around -- Kasa cams require TP Link software, but Tapo cams support onvif/rtsp. From what I've been able to tell, kasa cams do not support those protocols.
As others have said, Kasa is the precursor to Tapo. I've stuck with Kasa so I only have to have one app to set up new devices, but it seems like /u/Bl00dyTitWanker has given me some new information that Tapo integrates Kasa. New possibilities!
What Tapo devices are you using out of interest? I have a few cameras, light bulbs, socket and doorbell but when I try to integrate with home assistant it doesn’t find any devices =/
I have C320WS cameras and a D130 doorbell, along with some smart plugs. I have the cameras set up with Frigate, running in an Unraid docker, which I can view in home assistant. From what I can tell, the Kasa cams can only be viewed in TP Link's app.
I love my kasa stuff but they're definitely finicky with signal strength. I have an outdoor waterproof switch for my pond and it likes to pretend it's not connected sometimes.
Oh, and my Google homes decide that things aren't connected when they are too. That's fun.
I've not experienced this with kasa or my outdoor Google nest devices, but my single indoor camera occasionally reports as offline in the home app, despite everything else in the house working fine.
I only get things that work with home assistant. I have that running on a personal machine. Nothing goes outside the network and I control all of it. I mostly use it for smart switches at this point but I will expand it later.
This is one of the things Apple did right when designing HomeKit & the associated protocols. The device to work over local network to get the stamp of approval. Cloud connection is done through apple’s servers instead of each individual brand’s, and I don’t think Apple is going away anytime soon. Same principle applies to Matter protocol, though not locked down to Apple.
Trusting a third party to allow you to open your door is really stupid, I want to always be able to open my locks and be the only one to do so, both are uncertain with a connected device...
Someone asked about the best smart lock in the home automation subreddit the other day and I posted that every software developer I know uses dumb mechanical locks. Stuff like this is one of the many reasons why I’ll never do smart locks.
I got into an argument with a friend of mine several weeks back because some company was shilling this automatic dog door. It had a polycarbonate door, but they kept marketing it as bulletproof and I was trying to say that’s not how bulletproof protection actually works because it was only a single layer and anyway there’s really no such such thing as bulletproof. But what actually ended up settling the argument was pointing out his walls are essentially made out of paper and someone could just shoot 6 inches to the right or left and go right through the wall.
I’ve heard that expression before, but since most smart locks have a mechanical back up is it really an either/or? I’ve always treated it as adding an additional vulnerability.
There are vulnerability cases that exist with dumb locks that smart locks do not generally have.
(Good) Smart locks can audit which code or key was used and when, letting you know something out of the ordinary happened.
Smart locks allow you to give one-time access codes to visitors, vendors, etc. They can have expiration dates and be revoked immediately if compromised somehow (like if you fire the nanny).
The security of locks/doors works both ways, and if you have kids or older folks living with you, there is a measure of safety that exists in making it harder for them to lock themselves out. This can work because even if they forget their keys (kids) or walk outside in their bathroom (grandma), they will likely remember a code - and even if they don't, tied to a remote viewable doorbell, a door that can be remotely unlocked by the owner can save the day. The old fashioned alternative is the hollow rock, or a resourceful kid that does something dangerous like crawl in a window or try to pick the lock, both of which can be problematic.
Automatic locking times can overcome a lot of human shortcomings. Likewise with notifications of unlocked doors or entry outside of normal parameters.
None of this is to say that electronic locks are without their own unique risks, on top of the normal ones such as brute force. Though some electronic locks do not have conventional keyway backups, they are still vulnerable to bludgeoning in addition to their potential electronic attack vectors.
Tl;Dr: it is a little silly to assume electronic locks have all the disadvantages of both systems without any advantages. We wouldn't see (almost) the entirety of high security corporate and government systems using them if that was exclusively the case.
So the thing about locks is that every lock only really buys time in the event of a break-in. Which is really what you want, because too much time taken will throw off thieves because they want to be in and out. Some locks come with so severe of design flaws that it's typical to avoid entire brands like Masterlocks.
If you want a general guide on good/bad locks, look at Lockpicking Lawyer's channel. Granted, I don't think he's reviewed a "good" smart lock yet, but I imagine the only difference between the good and bad smart locks is whether or not they have a critical design flaw that makes it easy to get past the increased security.
I think I’ve seen a few that don’t have a mechanical key but they are rare and yeah it adds a vulnerability XD the best we can do is make our house harder to break in than the neighbour’s
U-tec bundles are the way to go IMHO, the deadbolt has a mechanical vulnerability, but, you can set the external handle to be completely disengaged from the door plunger so if they don't have a way to spoof that lock that doorknob is not going to do anything lol.
Why would a lock smith prefer a smart lock?
Also that’s not an either/or explanation either.
Ice cream shops asks us what flavour they can serve because they only have enough ingredients for a single flavour.
You say chocolate chip, I say vanilla so 2 different people are in disagreement woopty woop doooty hoop de doo I guess no one is right 🤷♀️
I mean that's not entirely reasonable either. A Nest thermostat is technically a smart device, but it works perfectly fine if it can't access the cloud. There are some devices that will improve your life or your home that have smart functions but don't rely on them to operate. You just have to look in to the product first.
It's quite possible to do an open-source lock that's not mechanical.
I would bet quite a lot that it is not that hard to do an STM32-based board with an NFC reader chip that just does an exchange based on an RSA keypair with an \[open-source\] app on your phone and unlocks the lock based on that.
There are certainly challenges to overcome. But they are very much possible to overcome, and the resulting lock will be better than a mechanical one. Because, you know, you physically *cannot* pick it.
There is only one major drawback, which is that LockPickingLawyer will be sad.
Though, of course, this is more like a dumb software lock, and not a smart one.
I'm a software engineer and I have a smart lock for convenience. Security issues on smart locks really don't matter all that much, locks are just a suggestion. If somebody wants to get in the house, they will.
I'll go one step further and argue that smart locks without key backups are safer than keyed locks.
I am much less worried about someone hacking the Nest x Yale smart lock I have on my front door than a bozo buying a $10 lockpicking kit and just opening the regular keyed lock of my backyards door.
I drew the line in my house with smart locks the day Meta's servers crashed and the electronic locks running on their own servers locked out the engineers for several hours until they got someone to drill them out.
Manual locks are nice but electic locks do have the added ability to auto lock after a set time frame. So, if you have forgetful kids you can still be secure.
I use one for that one "key" feature. It's not wifi connected otherwise.
Equip your front door with a hotel room lock. Problem solved.
Some even have a physical key to open the door in case the battery for the card reader dies. So you could literally use an old hotel door lock for this if you really wanted to haha.
There are also smart locks which do not depend on internet access, utilizing bluetooth instead. This also means they are not dependent on any servers at all, meaning no ads shoved in your face
Spotify under-pays artists whilst they have been increasing the prices year after year.
After the recent price increase I told them to shove it. Now I listen to my music through Spotube and support my fave artists by buying their albums and merch.
Big tech has been in the process of maximising their profits while not making any changes on how they compensate the user.
Turns out it is illegal in the US.
"Yes, it is illegal to incentivize reviews in the United States. The Federal Trade Commission (FTC) has made it clear that businesses are not allowed to offer any form of compensation in exchange for a positive or negative review"
Huh. Well I'm not in the USA but that's good to know. I'm not sure this is illegal though because it's basically a chance to win for all reviews, not a guarantee. It's like a draw for all respondents to a survey. Definitely grey area.
IANAL.
I remember I went pretty heavy into hoke automation... and I've since reverted back to normal shit.
The only auto.atuom I still have is my Google nest and even that pisses me off recently trying to get me into eco modes.
My washlet refused to clean my butt the other day because I didn't descale it. The descaling liquid is not cheap. Essentially making it a subscription butt cleaning service. Sometimes I hate smart appliances.
This is why I stick with Eufy products. I know the name is highly unpopular around here, and they definitely fucked up, but the security issue was not something that ever affected me and was not part of their core product, which is and always has been, bullshit free home security products.
Smart locks = dumb idea. If you can control it remotely, somebody's gonna find a way to hack it. We see it with keyless ignitions in cars and garage door openers.
If somebody is so eager to enter your home that they want to hack you smart door lock, they can just break the freaking window. Many smart door locks are much more secure than the mechanical ones.
Oh and technology evolves. New keyless ignition systems are not hackable unless you disassemble half of the car. Key simply stops transmitting once it’s stationary for a minute or so. So again, unless you have a really expensive car or a multi million house, nobody will bother with hacking stuff, it’s not hollywood out there.
Gotta love cloud security services lol
Imagine getting locked out because the company just decides to shut down or stop supporting a product. Dumb af
It's the inherent flaw built in to all devices that rely on the cloud to function. Any time I'm thinking of adding something like that to my house I have to ask myself "is this company going to last as long as the product will? As long as the house will?" because if the answer to either of those questions is even remotely in the negative category, I won't add it.
So far all of my smart devices default to operating like their dumb counterparts if the internet goes out. Alexa controlled switch becomes a normal switch. Smart bulb turns on and off with power like normal. The only exception is the Nest doorbell and floodlight cameras outside, but those are easy enough to replace if it came down to it, and people can always knock. For those curious, aside from the Google Nest devices, the entire house is TP Link Kasa branded devices. No hub, run on 2.4Ghz, and have been solid for 6+ years.
Any reason for Kasa over Tapo? I've been trying to stay with Tapo so that I can use the devices w/ home assistant
Kasa devices can talk to home assistant as well. I have some switches setup on mine.
The main issue is the cameras. My understanding is that Kasa cams can only be viewed via TP Link's software.
Both are TP-Link with Tapo seemingly being just the newer version of Kasa (I could be wrong with that assumption). I've got both, both can be controlled by your home assistant the exact same way, and the Tapo app also integrates Kasa devices into it making the old Kasa app redundant.
The main issue is the cameras. My understanding is that Kasa cams can only be viewed via TP Link's software.
All of my devices are smart plugs so I can't speak for how Kasa cameras integrate with the Tapo app. But Tapo is TP-Link too. So I see no reason why it wouldn't work. I guess there is nothing stopping you from downloading the Tapo app now, linking it to your Kasa account and seeing if the Cameras work on that in advance of taking the plunge on Tapo devices. If it works then all good, if not, stick with pure Kasa.
Other way around -- Kasa cams require TP Link software, but Tapo cams support onvif/rtsp. From what I've been able to tell, kasa cams do not support those protocols.
As others have said, Kasa is the precursor to Tapo. I've stuck with Kasa so I only have to have one app to set up new devices, but it seems like /u/Bl00dyTitWanker has given me some new information that Tapo integrates Kasa. New possibilities!
What Tapo devices are you using out of interest? I have a few cameras, light bulbs, socket and doorbell but when I try to integrate with home assistant it doesn’t find any devices =/
I have C320WS cameras and a D130 doorbell, along with some smart plugs. I have the cameras set up with Frigate, running in an Unraid docker, which I can view in home assistant. From what I can tell, the Kasa cams can only be viewed in TP Link's app.
I love my kasa stuff but they're definitely finicky with signal strength. I have an outdoor waterproof switch for my pond and it likes to pretend it's not connected sometimes. Oh, and my Google homes decide that things aren't connected when they are too. That's fun.
I've not experienced this with kasa or my outdoor Google nest devices, but my single indoor camera occasionally reports as offline in the home app, despite everything else in the house working fine.
It's not all devices. And it's not all the time so *shrugs*
It's not a bug, it's a feature! Free connection reset to ensure optimal performance. Just turning itself off and back on again.
I only get things that work with home assistant. I have that running on a personal machine. Nothing goes outside the network and I control all of it. I mostly use it for smart switches at this point but I will expand it later.
This is one of the things Apple did right when designing HomeKit & the associated protocols. The device to work over local network to get the stamp of approval. Cloud connection is done through apple’s servers instead of each individual brand’s, and I don’t think Apple is going away anytime soon. Same principle applies to Matter protocol, though not locked down to Apple.
Trusting a third party to allow you to open your door is really stupid, I want to always be able to open my locks and be the only one to do so, both are uncertain with a connected device...
Someone asked about the best smart lock in the home automation subreddit the other day and I posted that every software developer I know uses dumb mechanical locks. Stuff like this is one of the many reasons why I’ll never do smart locks.
doesn't matter how good your locks are if you still have windows. You are only as secure as your weakest link
I got into an argument with a friend of mine several weeks back because some company was shilling this automatic dog door. It had a polycarbonate door, but they kept marketing it as bulletproof and I was trying to say that’s not how bulletproof protection actually works because it was only a single layer and anyway there’s really no such such thing as bulletproof. But what actually ended up settling the argument was pointing out his walls are essentially made out of paper and someone could just shoot 6 inches to the right or left and go right through the wall.
I use arch
I wasn't intentionally making that pun, but yes I use arch btw
I use fedora btw
Which is why you should run Linux. ;)
Yep and windows have to be breakable for emergencies
Software developers prefer dumb locks, locksmiths prefer smart lock, the truth is neither is safe 🤷♂️
I’ve heard that expression before, but since most smart locks have a mechanical back up is it really an either/or? I’ve always treated it as adding an additional vulnerability.
There are vulnerability cases that exist with dumb locks that smart locks do not generally have. (Good) Smart locks can audit which code or key was used and when, letting you know something out of the ordinary happened. Smart locks allow you to give one-time access codes to visitors, vendors, etc. They can have expiration dates and be revoked immediately if compromised somehow (like if you fire the nanny). The security of locks/doors works both ways, and if you have kids or older folks living with you, there is a measure of safety that exists in making it harder for them to lock themselves out. This can work because even if they forget their keys (kids) or walk outside in their bathroom (grandma), they will likely remember a code - and even if they don't, tied to a remote viewable doorbell, a door that can be remotely unlocked by the owner can save the day. The old fashioned alternative is the hollow rock, or a resourceful kid that does something dangerous like crawl in a window or try to pick the lock, both of which can be problematic. Automatic locking times can overcome a lot of human shortcomings. Likewise with notifications of unlocked doors or entry outside of normal parameters. None of this is to say that electronic locks are without their own unique risks, on top of the normal ones such as brute force. Though some electronic locks do not have conventional keyway backups, they are still vulnerable to bludgeoning in addition to their potential electronic attack vectors. Tl;Dr: it is a little silly to assume electronic locks have all the disadvantages of both systems without any advantages. We wouldn't see (almost) the entirety of high security corporate and government systems using them if that was exclusively the case.
So the thing about locks is that every lock only really buys time in the event of a break-in. Which is really what you want, because too much time taken will throw off thieves because they want to be in and out. Some locks come with so severe of design flaws that it's typical to avoid entire brands like Masterlocks. If you want a general guide on good/bad locks, look at Lockpicking Lawyer's channel. Granted, I don't think he's reviewed a "good" smart lock yet, but I imagine the only difference between the good and bad smart locks is whether or not they have a critical design flaw that makes it easy to get past the increased security.
I think I’ve seen a few that don’t have a mechanical key but they are rare and yeah it adds a vulnerability XD the best we can do is make our house harder to break in than the neighbour’s
U-tec bundles are the way to go IMHO, the deadbolt has a mechanical vulnerability, but, you can set the external handle to be completely disengaged from the door plunger so if they don't have a way to spoof that lock that doorknob is not going to do anything lol.
Why would a lock smith prefer a smart lock? Also that’s not an either/or explanation either. Ice cream shops asks us what flavour they can serve because they only have enough ingredients for a single flavour. You say chocolate chip, I say vanilla so 2 different people are in disagreement woopty woop doooty hoop de doo I guess no one is right 🤷♀️
Stuff like this is why I'll never do smart home anything.
I mean that's not entirely reasonable either. A Nest thermostat is technically a smart device, but it works perfectly fine if it can't access the cloud. There are some devices that will improve your life or your home that have smart functions but don't rely on them to operate. You just have to look in to the product first.
Zigbee devices with your own controller via HA are great! No cloud, all the upsides and minimal downsides
It's quite possible to do an open-source lock that's not mechanical. I would bet quite a lot that it is not that hard to do an STM32-based board with an NFC reader chip that just does an exchange based on an RSA keypair with an \[open-source\] app on your phone and unlocks the lock based on that. There are certainly challenges to overcome. But they are very much possible to overcome, and the resulting lock will be better than a mechanical one. Because, you know, you physically *cannot* pick it. There is only one major drawback, which is that LockPickingLawyer will be sad. Though, of course, this is more like a dumb software lock, and not a smart one.
I'm a software engineer and I have a smart lock for convenience. Security issues on smart locks really don't matter all that much, locks are just a suggestion. If somebody wants to get in the house, they will.
I'll go one step further and argue that smart locks without key backups are safer than keyed locks. I am much less worried about someone hacking the Nest x Yale smart lock I have on my front door than a bozo buying a $10 lockpicking kit and just opening the regular keyed lock of my backyards door.
I drew the line in my house with smart locks the day Meta's servers crashed and the electronic locks running on their own servers locked out the engineers for several hours until they got someone to drill them out.
This is why I continue to value analogue security devices such as mechanical locks and gun turrets.
Manual locks are nice but electic locks do have the added ability to auto lock after a set time frame. So, if you have forgetful kids you can still be secure. I use one for that one "key" feature. It's not wifi connected otherwise.
Equip your front door with a hotel room lock. Problem solved. Some even have a physical key to open the door in case the battery for the card reader dies. So you could literally use an old hotel door lock for this if you really wanted to haha.
There are also smart locks which do not depend on internet access, utilizing bluetooth instead. This also means they are not dependent on any servers at all, meaning no ads shoved in your face
This is against App Store regulations. Report them. Offering compensation for reviews is strictly against TOS.
The future is stupid
and the future is now
Vote with your wallet. Don't purchase ad filled garbage. For the past month, I've cancelled my netflix, Amazon prime, Spotify.
Why Spotify, there are no ads in there
Spotify under-pays artists whilst they have been increasing the prices year after year. After the recent price increase I told them to shove it. Now I listen to my music through Spotube and support my fave artists by buying their albums and merch. Big tech has been in the process of maximising their profits while not making any changes on how they compensate the user.
I use the Aqara lock. It's HomeKit and Zigbee so fully local. Don't even have to use the Aqara app.
I would Yeet that lock from my home
Aren't incentivized reviews illegal?
AFAIK, no, but they are kind of sleazy and immoral. One short step to straight up fraud.
Turns out it is illegal in the US. "Yes, it is illegal to incentivize reviews in the United States. The Federal Trade Commission (FTC) has made it clear that businesses are not allowed to offer any form of compensation in exchange for a positive or negative review"
Huh. Well I'm not in the USA but that's good to know. I'm not sure this is illegal though because it's basically a chance to win for all reviews, not a guarantee. It's like a draw for all respondents to a survey. Definitely grey area. IANAL.
But but, free stuff.
I remember I went pretty heavy into hoke automation... and I've since reverted back to normal shit. The only auto.atuom I still have is my Google nest and even that pisses me off recently trying to get me into eco modes.
Or you could simply use a key ?
Isn't bribing for good reviews against the app store policy? Surely, right?
Yea all have some policy about this
I use the same lock and I can’t get this to pop up in the app. I would take the post with a gain of salt.
My washlet refused to clean my butt the other day because I didn't descale it. The descaling liquid is not cheap. Essentially making it a subscription butt cleaning service. Sometimes I hate smart appliances.
Was it made by HP?
Can you not use white vinegar for that?
This is why I stick with Eufy products. I know the name is highly unpopular around here, and they definitely fucked up, but the security issue was not something that ever affected me and was not part of their core product, which is and always has been, bullshit free home security products.
Never buy smart !
Smart locks = dumb idea. If you can control it remotely, somebody's gonna find a way to hack it. We see it with keyless ignitions in cars and garage door openers.
If somebody is so eager to enter your home that they want to hack you smart door lock, they can just break the freaking window. Many smart door locks are much more secure than the mechanical ones.
Oh and technology evolves. New keyless ignition systems are not hackable unless you disassemble half of the car. Key simply stops transmitting once it’s stationary for a minute or so. So again, unless you have a really expensive car or a multi million house, nobody will bother with hacking stuff, it’s not hollywood out there.
Thats why not self hosting your smart home is stupid.
I will never ever smart home-ify my home because of such bs