I’m choosing devices based on how good they work with zha and HA and usually have to browse a bit before settling for something. If they manage to implement this properly, I’m all here for it.
Maybe they should talk to the zigbee device compatibility repository people (or maybe they already have).
I don’t think you understand what local control of smart devices means…
I don’t think you understand that these devices are not secure. By design they aren’t secure, they collect more than they let on, that information is accessed by data brokers. To trust manufacturers in saying information is not being collected despite the capability for it in the machines, to trust they aren’t sharing data, aren’t selling it, is laughably naive this 2026. It doesn’t matter what they told you, you are surrendering your information to data brokers one way or another, and by extension to the worst people in the world, that can and will use that information against you whether it is readily apparent how or not.
Home assistant is used by a lot of security savvy people. It’s not to their benefit to leak data like that.
Local control also means you can isolate IoT devices from the internet. You can make it so they CAN’T exfiltrate data. You can wrap your insecure IoT devices in a secure wrapper.
The database is for how well devices work in this environment. Will they work fine, or throw a fit and stop working.
While that sounds interesting, my broader point is you should buy non connected appliances. That you can’t trust you will be able to keep that information from data brokers.
There are base exploits written into the internet as we know it, you can’t trust you can keep them out, even in knowing all of that, but yes maybe I came across half cocked there I could’ve made my point less dickishly sorry. And if _* you do decide to have smart devices, and we already do with our computers and phones so it’s almost a moot point without addressing that (with open source phones and operating systems on computers,) it’s better to have a system to minimize the possible fuckery ports.
Because the internet is corrupted at a base level, moreso than you know.
If you’re trying to fend off the CIA then your worries have merit. My goal is to limit casual data leaks and bypass attacks.
Normal worst case, someone can see when I turn lights on and off. Or mess with my thermostats. There are easier ways to gather that info.
Can you actually back up any of those statements, particularly when we are dealing with things like ZigBee, tasmota, or espHome?
Oh idk about vulnerabilities being limited to sophisticated actors like the nsa in the us or the five eyes countries that give an end run around prohibitions on spying on their own citizens purportedly leading spying in member country then sharing it back with them, even when it’s cia doing all the spying and just forwarding it to the uk and back with a letterhead.
Corporate interests themselves have vulnerabilities written into everything. Palantir type companies, a bunch of super shady Israeli companies that repurposed the most malicious codes ever written, written by our intelligence agencies to target Iran and the like, (flame, others,) to spy on computers, phones, and everything connected.
But also just data brokers in general are hooked into data flows those manufacturers said they weren’t taking and ineviably are caught taking anyway because who is going to stop them, and what are they going to do about it when they find out? And the answer is if some do gooder catches them and forces the authorities to act, they will just have to pay lawyers to negotiate a payoff to the government without admitting responsibility, and are mostly insulated from consumer lawsuits anyway as ToS agreements force all of their purchasers to waive their rights to sue in using those products. You are also criminally liable for changing the code on any of them, or even breaking any electronic “lock,” on any of the electronics.
So if there was a vulnerability and you publicized it and a how to fix the software the feds could charge you with a serious felony. Based on some 1998 law to protect cd companies, and I think a newer law as well.
Back up what statements? That corporations spy on us and can’t be trusted? And to suggest that surrendering even the capability for everything you do to be garnered by hackers in addition to just accepting the nsa and cia wil get their hands on it and run it through ai threat detection and then disseminate their half baked conclusions to agencies and business secretly in a way that will affect everything but you will never know or be able to challenge, is a threat whether you realize it or not. Social credit scores run by palantir types but not at all limited to them. Privatized social credit scoring at that, owned by the antichrist himself.
We are in a forum talking about Home Assistant, an open source piece of software, aimed at patching over the annoyances and games the various companies you are complaining about play.
It lets you control them all from one piece of software, so you don’t need 20 apps on your phone, and the spying they support. It also lets you isolate the devices on their own vlan, cut off from the internet completely. All control then goes through software under our control.
The database it’s talking about is basically a scoring of how nicely the various devices play once you have deloused and neutered them.
It’s a community attempt to fight back against big data etc. This is why you are being down voted hard. You’re interrupting with a rant about the very thing we are fighting.
I don’t care about downvotes. That is interesting, my point that it’s better to not have internet capable appliances in the first place is valid, as well as the point that you can only minimize the potential to be spied on not eliminate it, I would strongly presume the NSA has a backdoor for instance. Suspect the manufacturers have ones too. Possibly fusible links to brick them all to boot, as is rumoured.
But it’s good to minimize the danger if you insist on having them, and with phones and computers we all do now. The post would garner more engagement and less such flak if it just explained that in the post page and not assume everyone s a linux developer
Or you could realise you are in a group focused on a single bit of software and do a 5 minute investigation into said software.