If the device dont provide local connection, there is nothing home assistant can do about it. Some device will also send data to the cloud even it is locally controlled by HA.
Thanks to laziness of the device manufacturers, a lot of them either expose some data endpoints locally, or just use Zigbee which can be easily paired to be used local-only.
Those that require Wi-Fi access can be filtered on the router to disable internet access.
Which is why these companies that are marketing wifi and cloud-polling devices should be held responsible for the data breaches and regulated more rigorously.
It should be cost-prohibitive to design a smart device that sends data to a centralized server, but they do it because the upside value of having the data is so attractive. They shouldn’t be allowed to hide behind a ToS agreement with mandatory arbitration when their security is inevitably breached.
Seriously. It sounds like you have an informed and well-reasoned opinion. They’re not 100% corrupt. And they usually only hear about tech from industry lobbyists.
Let them hear from an intelligent constituent for a change.
I do it when I can, but that kind of influence just can’t be done by a handful of tech-literate terminally-online weirdos. It takes a buttload of money or a massive amount of public attention to push an issue like this forward, especially when political operatives absolutely benefit from both the data and the companies involved. The political calculus just isn’t there.
More people need to know and care about this before any legislator is going to spend political capital on it.
Having done this before and being told to basically get stuffed from one of their underlings I have zero faith in it. It’s basically just another token thing that’s about as useful as “thoughts & prayers” for the most part.
I don’t mean they literally told me to get stuffed. They won’t personally take your call nor read your letter. You might get lucky and they’ll let you physically come into their office but that’s about as far as you’ll get.
Yet another reason why IoT crap sucks. You don’t need to put everything on the internet. This one should be obvious.
The “S” in IOT is for “security”.
Home assistant tries to keep shit local.
depends on the device.
If the device dont provide local connection, there is nothing home assistant can do about it. Some device will also send data to the cloud even it is locally controlled by HA.
Thanks to laziness of the device manufacturers, a lot of them either expose some data endpoints locally, or just use Zigbee which can be easily paired to be used local-only.
Those that require Wi-Fi access can be filtered on the router to disable internet access.
People don’t think about that. You have to register somewhere in order to use your $12.99 cam, install some app and are good to go.
How would a someone not interested in tech know that the footage data is stored on some online server and you are at the mercy of their itsec.
Which is why these companies that are marketing wifi and cloud-polling devices should be held responsible for the data breaches and regulated more rigorously.
It should be cost-prohibitive to design a smart device that sends data to a centralized server, but they do it because the upside value of having the data is so attractive. They shouldn’t be allowed to hide behind a ToS agreement with mandatory arbitration when their security is inevitably breached.
Take it up with your congressman.
Seriously. It sounds like you have an informed and well-reasoned opinion. They’re not 100% corrupt. And they usually only hear about tech from industry lobbyists.
Let them hear from an intelligent constituent for a change.
Good luck with that, your voice is going to be drowned out by all the companies masquerading as “people” whom they really represent.
Taking the time to get in touch with representatives at all levels of government is just good citizenship.
Sure, there are lobbyists. But there’s me too. We can’t expect to enjoy a civilized society unless we put in the effort.
I do it when I can, but that kind of influence just can’t be done by a handful of tech-literate terminally-online weirdos. It takes a buttload of money or a massive amount of public attention to push an issue like this forward, especially when political operatives absolutely benefit from both the data and the companies involved. The political calculus just isn’t there.
More people need to know and care about this before any legislator is going to spend political capital on it.
Having done this before and being told to basically get stuffed from one of their underlings I have zero faith in it. It’s basically just another token thing that’s about as useful as “thoughts & prayers” for the most part.
You have to be nice. You’re selling an idea that is probably foreign to them.
I don’t mean they literally told me to get stuffed. They won’t personally take your call nor read your letter. You might get lucky and they’ll let you physically come into their office but that’s about as far as you’ll get.
Good luck holding a company sitting in China “responsible” for about anything.
The question isn’t “how would someone know…?” the question is “do you know what a hacker does?”.
With end to end encryption, and requiring manual key transfer (no key sync), this would not be an issue.