Pioneering research has discovered how smart devices talk to Android apps and each other to share data that allows them to know who enters a home, when, and how much they earn
My Password Is 1234
link
fedilink
English
311Y

That’s what I did 🙃 Unfortunately, some devices do not work at all without a connection to the manufacturer’s cloud, this also needs to be taken into account.

@Monument@lemmy.sdf.org
link
fedilink
English
8
edit-2
1Y

A long while ago, my first foray into smart home stuff was a Phillips Hue system. I used to use it exclusively offline, but I got deeper into smart home stuff and wanted to add some integration into my system. I don’t remember what anymore, but it meant setting up a Hue developer account, so I signed up. Gave them my email address. Stopped using the integration, moved, reset the hub, used it offline for years.

This February I logged into the hub for some reason. I think an accessory wasn’t working and Hue user docs said to log in or some such nonsense.

Five days ago, I got an email from Amazon. They told me that one of the batteries in a Hue switch was running low, and they helpfully provided me with a link to buy new ones. Their page for the device indicated that they were being updated with its battery percentage every 4-8 hours - and that I had authorized Alexa access to my Hue system in February.
I checked the Hue app, and it indicated no apps or services connected to my account.
Logged into the Hue website, dug into my settings, and there were a dozen app’s and services that had been “authorized” to access my account - none that showed up in the app.

Every smart device that has been on my network - devices that I never integrated with Hue (on purpose!) were all happily showing very recent access times to my data. Systems I don’t have accounts to anymore. I revoked access, of course.

Three days ago Amazon emailed me to let me know a different device needed a battery, and showed that Hue had shared the battery level of the device with them that day - 2 days after I revoked access.

Yeah… all their products are getting trashed, reflashed, or used with zigbee hubs I’ve built.

Norah - She/They
link
fedilink
English
14
edit-2
1Y

Used this tool just yesterday to stop some bulbs I got at Costco connecting to the cloud.

https://github.com/tuya-cloudcutter/tuya-cloudcutter

Having to hack even bulbs to avoid being spied on is a new level in dystopia.

My Password Is 1234
link
fedilink
English
41Y

I have flashed all the bulbs and ceiling lights in my house and they work locally on FOSS firmware now 😉 It is not a big deal. I have very poor soldering skills, and I did this anyway.

Norah - She/They
link
fedilink
English
151Y

Oh, I could make it worse if you’d like? That tool isn’t made for just the bulbs I got at Costco, it’s made for any device in the Tuya ecosystem. What’s Tuya? They’re a Chinese white-label manufacturer that makes smart devices that other companies can slap their brand on. They’ll throw you together an app too, but all of the API calls go through their infrastructure. Bonus, they also make security cameras that send footage to their servers, and smart locks too. They’re literally everywhere, but I’m in Australia so that’s where I’m basing this list:

  • Mirabella Genio
  • Tapo
  • Laser (Big W)
  • Anko (Kmart)
  • Feit Electric (Costco)
  • Grid Connect (Bunnings)
  • EKO (only makes security cameras)
  • Kogan SmarterHome
  • BrilliantSmart (Brilliant Lighting)

And that is, quite literally, only to name a few.

YⓄ乙
link
fedilink
English
31Y

Thanks mate.Moving forward I am Not going to buy anything “smart”

Norah - She/They
link
fedilink
English
31Y

I mean, there are still plenty of ways to have smart things that don’t communicate with the internet. Ikea’s stuff is all zigbee, they don’t have wifi at all. You can get one of their hubs to control from your phone, or they sell remotes with zigbee you can pair directly to control a set of bulbs. They never have to see internet at all.

@princessnorah @yoz rlly??? I might have to look into this!

Norah - She/They
link
fedilink
English
31Y

Yeah. As well, if you want to upgrade to a Home Assistant setup down the line, all you need is a $50 Zigbee USB adapter. If you’re more tech-savvy then you can also buy bulbs from somewhere like https://www.athom.tech that come pre-flashed with open source firmware. Either ESPHome, Tasmota or WLED are available. These are wifi, but everything is local, and you can block them on your router without issues. ESPHome is what I have running on the bulbs I rescued.

Fly4aShyGuy
link
fedilink
English
21Y

Good link for that site. Currently shopping bulbs for my just recently arrived home assistant green and hard to find consistent information on best bulbs to be using. Love that these are flashed with open source already but I think due to the amount of bulbs I need and their location I’ll be better suited with Zigbee. Will definitely check this place for future devices as I build out the system.

@princessnorah that’s awesome! When I move out imma buy all this lmao

Aniki 🌱🌿
link
fedilink
English
5
edit-2
1Y

deleted by creator

Create a post

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more…


Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don’t ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don’t repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

  • 1 user online
  • 1 user / day
  • 5 users / week
  • 69 users / month
  • 650 users / 6 months
  • 1 subscriber
  • 664 Posts
  • 11.1K Comments
  • Modlog