Home automation

Started by Dieselboy, January 15, 2018, 06:53:00 AM


Dieselboy

Hi guys, does anyone know a bit about home automation? I'm looking for something inexpensive so the simpler the better. I want to be able to visually show my calendar has an appointment for example, I'm busy so a light turns on; or something like that.

The idea I came up with was to use IFTTT, Google Home and something like Philips Hue. I would link Hue and Google Calendar together with middleware IFTTT (if this then that) and when I'm busy a light would come on. Then when I'm free the light would go off.

While this would probably be ok, I would need the Philips hue bridge as well as the light bulb and the light to put it in. Does anyone know of any such smart light that's small or could be hung on a wall?

The use case is that I want the meeting rooms in the office to visually show outside when they're busy / scheduled meeting. I'll link google calendar to the light, basically :)

icecream-guy

What's the budget??? A company I used to work for had wired marquee signs outside each conference room with a built-in calendar, integrated into the Exchange mail system. One could walk by, see if the room was busy, check free time there, or at their desk. Nice but pricey.

Big box stores like Home Depot here in the US have plug-in home automation: lamp plugs into little box, little box plugs into wall, and you can use an app to control the device.

Biggest problem is security; many of these HA vendors are vulnerable. Ya wouldn't want your light turning on and off all night long.

I personally have not messed with HA, due to vulnerabilities.
:professorcat:

My Moral Fibers have been cut.

wintermute000

Yep I'd definitely only put them on a LAN without any inbound internet access unless you can afford to stick a proper NGFW in front of it with all the trimmings (sandboxing, IPS, all the subscriptions etc  :) ). Watch for UPnP.

Even then I'd never put stuff like smart locks online, you're just asking for trouble. Lights etc at worst you'll get pranked I suppose.

You can bet that IoT code is shoddy and never updated (abandonware).

deanwebb

Take a good, hard look at IoT security, Morty.

:shock2:

Yeah, it ain't pretty. Some things you can't un-see, but this is for your own good.

Imagine that someone breaks into an Internet-enabled light bulb and discovers an SNMP v2 management community string. What are the odds that it's used somewhere else, like a Cisco router? And what are the odds that the local admin account on the Cisco router - whose hashed password is broken after googling up "Cisco hash crack" - is also an admin account in AD?

Actual thing that happened, although "light bulb" can be replaced with several other devices and I've heard the story for those, as well. My job is to discover these IoT devices on the network, ask questions about what they are, and then determine policy for their network access. Invariably, this leads to hitting the IP addresses for these devices on port 80... and then googling up the default root username/password... and then getting in... and then discovering how we now are looking at a database of all employees and when they last used their keycard for entry.

This is not using programming knowledge. This is not even using script kiddie methods or boxware sploits. This is just looking at the default web page, noting the vendor name and model number on it, and then using Google to get the default credentials to get in. It's that bad, and I hear about it all the time and I help customers with that issue. When we discover this, there is usually a short break in the schedule so that the customer can alert appropriate staff to deal with the problem. NOW.

So many of these devices are wide open on HTTP and Telnet because the manufacturer couldn't be bothered to put a certificate on the devices to permit HTTPS and/or SSH. Back to that keycard example, guess what else was in there? It was tied in to AD, so a domain admin service account credential set was in that configuration. These lightbulbs being connected to Exchange isn't as bad as that, but it's something that can still be used.

I would strongly advise that an admin instead print off the schedules for conference rooms each day and tape them to the doors, so that their free/busy status as of the start of business is there for all to see. If someone books a meeting after the schedule goes up, then that same someone can jog over to the schedule and block out the time for the meeting.

Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.
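
An added example, not part of any post in this thread: a small audit over an asset inventory for the two conditions described in the post above, devices that offer HTTP or Telnet management with no HTTPS or SSH alternative, and an SNMP community string shared between the IoT segment and network infrastructure. The inventory, device names, field names and community strings are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed inventory for illustration; device names, field names and
# community strings are assumptions, not data from the thread.
INVENTORY = [
    {"name": "bulb-conf-a", "segment": "iot", "ports": {23, 80, 161}, "community": "corp-ro"},
    {"name": "badge-ctrl", "segment": "iot", "ports": {80, 443}, "community": None},
    {"name": "core-rtr-1", "segment": "infra", "ports": {22, 161}, "community": "corp-ro"},
    {"name": "dist-sw-2", "segment": "infra", "ports": {22, 161}, "community": "net-7f3a"},
]

# Cleartext management port -> (protocol name, port of the encrypted equivalent)
CLEARTEXT = {23: ("Telnet", 22), 80: ("HTTP", 443)}


def cleartext_only(device):
    """Cleartext management protocols offered with no encrypted equivalent."""
    ports = device["ports"]
    return sorted(name for port, (name, secure) in CLEARTEXT.items()
                  if port in ports and secure not in ports)


def shared_communities(inventory):
    """Device groups whose SNMP community string is used in more than one segment.

    Keys are truncated SHA-256 fingerprints so the report never prints the secret.
    """
    by_secret = defaultdict(list)
    for dev in inventory:
        if dev["community"]:
            by_secret[dev["community"]].append(dev)
    shared = {}
    for secret, devs in by_secret.items():
        if len({d["segment"] for d in devs}) > 1:
            fp = hashlib.sha256(secret.encode()).hexdigest()[:8]
            shared[fp] = sorted(d["name"] for d in devs)
    return shared


def audit(inventory):
    """Return human-readable findings for both checks."""
    findings = [f"{d['name']}: {'/'.join(cleartext_only(d))} only, no encrypted management"
                for d in inventory if cleartext_only(d)]
    findings += [f"SNMP community {fp} shared across segments: {', '.join(names)}"
                 for fp, names in shared_communities(inventory).items()]
    return findings


if __name__ == "__main__":
    print("\n".join(audit(INVENTORY)))
```
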

Dieselboy

Budget is cheap cheap! 🐦  :))

Those wired signs are great. At my last company they had some kind of Microsoft tablet thing (this was back in 2009, so I have no idea what they were). These tablets were fixed to the wall outside the meeting room, a bit like a plaque that says the name of the meeting room or floor details in big fancy offices. You could book the meeting room out right there from the tablet and it would signal when the meeting room was engaged.

I'll connect any insecure devices into the VLAN created specifically for these kinds of things. I completely understand the points you've made :)

I was looking again earlier and I found that there's PoE lights now: http://www.assets.lighting.philips.com/is/content/PhilipsLighting/f6acf3f3a68b4acfbc5da71b00afa020

I'll keep looking :)


deanwebb

The tablet solution seems to be the best one to me, as at least a tablet can be manageable and the major vendors should be around for the long haul.

Dieselboy

I agree with that.

About that rick and morty show - I am a fan of the creators, I am a fan of time travel and a huge fan of back to the future. I am also a fan of comedy (who isn't). But I am physically unable to watch rick and morty because of the constant burp-talking  :twitch:

deanwebb

Quote from: Dieselboy on January 24, 2018, 07:48:40 PM
I agree with that.

About that rick and morty show - I am a fan of the creators, I am a fan of time travel and a huge fan of back to the future. I am also a fan of comedy (who isn't). But I am physically unable to watch rick and morty because of the constant burp-talking  :twitch:

Rick does have that habit... I think the Pickle Rick episode didn't have any, though. Worth checking out.

icecream-guy

Quote from: Dieselboy on January 24, 2018, 07:48:40 PM
I am a fan of time travel :twitch:

Dude you want to time travel???  I know the secret,  __realllllly easy_____ ......

look up at the sky on a clear night outside the city,  boy you will have one trip,  you can travel back literally millions of years in a split second...

dlots

I looked at home automation briefly, but wasn't a big fan.  Most of the products are cloud based so you run the risk that your entire home automation stops working if the internet goes down.  Or worse if the company goes out of business and/or they get bought out and they have their servers turned off (This has happened).

deanwebb

Quote from: dlots on January 25, 2018, 07:54:42 AM
I looked at home automation briefly, but wasn't a big fan.  Most of the products are cloud based so you run the risk that your entire home automation stops working if the internet goes down.  Or worse if the company goes out of business and/or they get bought out and they have their servers turned off (This has happened).

Don't worry, some devices will have their development and support taken over by the NSA...  :twitch: