Ah yes to make your lights work, we need all your data. Stuff like this is why I don’t have “smart” anything.
It’s perfectly possible to have a smart home that does not call home. Home Assistant is an amazing piece of software that can allow smart devices from different manufacturers talk to each other without connecting to a cloud service — all done locally.
This is the only way I would go about it. Maybe in the future if I really want it but really, the more tech, the more vulnerabilities. I’m fine with manually turning things on and off even if it’s self hosted.
deleted by creator
How
Put home assistant on a raspberry pi, plug a Zigbee dongle to it, and start connecting smart gadgets to it. Or better yet buy a home assistant Green. You can check the home assistant docs to see if a smart device requires cloud connectivity to work — in general if it connects through Zigbee (or ZWave or Matter) then you’re good, but if it connects through WiFi then it probably is cloud based.
https://www.home-assistant.io/
https://www.seeedstudio.com/Home-Assistant-Green-p-5792.html
Can confirm. I run Home Assistant and Rhasspy with Sengled bulbs and none of transmits info. The devices themselves aren’t generally the issue, it’s the hub that operates them that would be collecting and sending the info. Remove that, and you don’t have to worry.
Why do I need a RaspberryPi? I can’t use my regular Linux PC? What is a Zigbee dongle and why is it mandatory? What do I do if he device is cloud based?
You can use your regular PC if you want, but having an always-on server (the pi) makes it more convenient to use from, say, your phone.
Zigbee is a popular wireless communication protocol used by iot devices. Without the dongle you won’t have any way to talk to them.
If it’s cloud based, buy something else that isn’t.
Perfectly valid to ask how to protect your data using the tools the other user mentioned. Not sure why you were downvoted for asking simply how.
@tjhart85 care to explain?
Sure! Click the link at the very top of the page! You know, what this entire conversation is theoretically talking about? It takes you to a Home Assistant page and even has some details on their philosophy and links to even more details about their privacy focused philosophy! I thought saying essentially “read the fucking article” would be pretty asshole-ish and wouldn’t contribute anything to the conversation, but I also thought that your question contributed nothing, so I downvoted.
Did that answer your question sufficiently?
If i understand correctly this is Home Assistant saying that Hue is taking away that ability on devices people have already bought and installed.
That’s about the hue hub. The bulbs are still Zigbee and can be controlled 100% remotely with HA and a Zigbee dongle.
deleted by creator
You can have plenty of smart home stuff without this junk using stuff like home assistant and keeping devices like this from phoning home. Some products won’t work at all without an internet connection but plenty still do.
After they make the change, someone with an old Hue bulb should go to the Consumer Financial Protection Bureau.
Making this decision retroactive is clearly false advertising and anti-consumer. I don’t really give a shit what their terms of use were.
They can do what they want with their future bulbs. The old ones need to be grandfathered in.
If you do have an existing investment in Hue products, I suggest reaching out to them to request a refund because your purchase was made under a different policy, and this policy change is going to render your products useless without consent on your part. If they’re going to force a significant change that compromises the functionality of what might be hundreds of dollars worth of equipment without permitting recourse for legacy users, they should have to accept returns on what essentially is now a product you did not purchase and would not have purchased.
Or just get a ZigBee hub and keep using the bulbs without the Hue hub
hundreds of dollars worth of equipment
More like thousands, Hue is way overpriced
If someone does this let me know. Every bulb in my house is hue.
Thankfully, while I have a smart plug from them, I’ve made sure that it’s a Zigbee powered one, meaning it’s directly connected to my Home Assistant server over it’s own frequency/protocol, no app required. Guess that choice is paying off now.
Also, someone should tell whoever is managing that Twitter support account that you should never use the phrase “We’re sorry you feel that way”, even when you’re going for a non-apology.
Isn’t the “take it or leave it” approach to consent considered consent bundling? Didn’t google get fined for doing a similar thing?
I bough a TP-Link smart bulb once. It was very nice - I could just download a “tp link bulb client” written for everyone by some third-party dude. If I wanted to, I could add a desktop shortcut to turn on/off the bulb.
Then TP-Link decided to automatically update the firmware of the bulb without my knowledge. The update turned off the REST API that made the third-party client to work. I could only use the shitty MOBILE app from then on.
The update was impossible to revert (though TP-Link said “Ok write to our support and we’ll give you the downgrade file” no fuck you).
Ever since I’ve vowed to heavily think whether I want to buy a non-open-source firmware smart device ever again. Recently I bought a smart bulb and two smart sockets that come pre-flashed with “Tasmota” and “WLED” firmware out of the factory and they work great.
And I OWN them too
Many years ago i bought an RGB LED and naively thought the remote signal must have some standard protocol, because it is so simple commands that would allow for some cool shit if automated. Oh boy was i wrong. Proprietary smart home software is the most insane. How on earth should your home become “smart” when it is locked into some ideology (manufacturer) or worse yet you have multiple “parties” fighting over the government causing a shutdown.
NGL you kinda went into left field at the end there, but I still agree.
i wanted to compare the issue with the principles of government and the structures needed,because that what smart home should be, organizing your home to certain effect.
And like with state government that requires transparent and consistent rules, cooperation of the different branches and accountability.
Tasmota is great but I’ve found the number of available devices is limited. For instance Tasmota smart dimmer plugs do not exist, nor could I find a stand alone controller.
Z-wave or Zigbee integration dramatically expand the number of available options and work with local controllers.
I too get the feeling that the selection of devices with Tasmota pre-flashed is rather limited. Due to the nature of Tasmota, those devices will only be Wi-Fi devices, which further causes problems with battery usage (contrary to Zigbee/Z-wave etc.) 15 minutes ago I was looking at smart buttons that can run Tasmota, and I’ve only found the Shelly Button 1. And funnily enough, it’s possible to connect it with microUSB (!) so it stays charged.
All zigbee devices’ firmware is proprietary though, no? This is why I’m willing to suffer for Tasmota
The device list seems larger if you’re willing to flash Tasmota yourself: https://templates.blakadder.com/
Zigbee does work with a generic controller on Home Assistant and other platforms, and there are >3100 devices that are compatible with zigbee2mqtt, a Zigbee to MQTT bridge that exists to bypass the need for proprietary Zigbee bridges. No proprietary app or Internet access required either, but it was not easy to set up. Here’s a list of supported devices: https://www.zigbee2mqtt.io/supported-devices/
IoT stuff isn’t safe to use unless it’s flashed with a third-party Free Software firmware like Tasmota or ESPHome.
I mean IKEA is fine.
It’s entirely ZigBee, there’s no internet.
But the green part of RGB only works if you’re using their app
Really? Huh.
I’m just using the PM2.5 and temperature sensors.
They’re light bulbs. What data can they possibly hold on the users beyond how bright they like their bulbs.
What times your lights are on or off can expose more than you might think over time. It reveals when you’re gone for work, your sleep schedule, how many days a year you spend at home vs traveling/elsewhere, when you stay up late, etc.
But it gets worse. If you give Hue your email or install the app then now you can be uniquely id’d across other products. Hue will sell that data to some advertising agency, who also buys data from Google, Facebook, etc. Now your usage data from other systems can be combined with the Hue data and used to more even more accurately track your day and behaviors.
Big data is a fascinating field, if not completely horrifying.
Also when the keys are inevitably discovered on an unsecured S3 bucket, everyone will have it! In addition to your billing information and other PII.
I’m not sure how do Hue lights work, but if they have any Wi-Fi component they’re essentially a device in your network. If compromised (by a hacker or by Philips themselves) they’re no different than a device next to yours on public Wi-Fi. Someone will definitely have a desktop PC with vPro with default credentials, or once in a while someone will log into something using HTTP without the S and leak plaintext credentials.
People more well versed in networking often put their IoT devices in a separate network/VLAN so that they are all lumped together and away from personal PCs.
Hell, I even block my ISP-issued modem/router/AP from ever getting an IP address on my network, and that way I can’t even receive tech support from them lmao
In addition to what the other commenters have said: They don’t just sell light bulbs but also motion sensors that can even measure temperature.
So they wouldn’t just be able to tell which room you’re in at any given time but may also be able to tell when and for how long you shower or how often you cook food in the kitchen based on slight temperature changes.
And if you wanna get really paranoid: Hue Sync analyzes what’s on your screen and synchronizes lights accordingly. Who knows what is really going on there if they pull this kinda shit lol
Companies these days: “help us think of products we can sell to procure data. No, we don’t care what the product is; we just want the data.”
I often wonder are we in some sort of “data bubble”? all this obsession over collecting it but not actually providing stuff people will pay for surely has an endgame
reason: "your data isnt secure in your home, we need to control it. trust us. "
uh huh.
5 months later: “We had a data breach, but we believe they didn’t get all personal data”
I was forced to move (landlord sold house) and when I got to my new place, I just never got around to setting up any of my smart home devices. Thermostat, cameras, lights, assistants, sensors, monitors, etc, and weirdly enough I am somehow happier now.
The random issues, glitches, delays between asking an assistant/pressing buttons before an action went through, fixing integrations, fixing Home Assistant, fixing random unpairs, etc. was driving me nuts. Especially when you have invested hundreds/thousands of dollars into premium devices.
Worst was when you’d ask assistant to do something, and it somehow misheard you and does something else. Fried an aquarium thermometer that way. Turned on ALL lights when everyone was sleeping, despite me asking to turn OFF a very specific light…
The only thing I truly miss is being able to turn off my bedroom light when I am in bed. But the stress I save is worth getting up and turning it off.
Huh, sounds like a very unreliable setup. Admittedly mine is much simpler and I refuse to use voice control for anything at all, but I experience zero glitches with my Shelly switches and HA integration.
Gotta admit I use hue and Google voice commands and it always works perfectly and I love it… sorry I also like Firefox if that helps!
You can get remote controlles for lights and keep it on your bedside table
This is immensely frustrating. Feels like a rug pull for anyone that cares about their data, privacy and (ironically) security.
Start leaving 1 star reviews in the app stores from Google and Apple complaining about this.
They read those because stakeholders who understands nothing about tech only care for more stars.
I’m definitely starting to find a way out of hue and freezing my plans to buy more bulbs from them.
Welp, their products are completely out of the running for our setup then.
and RIP to anyone who invested thousands into them. Those lights were NOT cheap.
Hopefully this spurs someone to go to the CFPB or something and sue. These companies need to stop pulling this retroactive change bullshit, like Unity, Wizards, ad now Hue.
If I use Home Assistant for control and block the Hue hub from the internet, will things keep functioning as they are today?
I like how my stuff works and don’t want them to mess me up.
I would make sure the firmware can’t be updated. Uninstall the Hue app for sure.
To be safe long-term I would probably suggest to throw away the Hue hub entirely and get a Zigbee USB dongle for your Home Assistant server. Personally I’ve had no issues with the ConBee II. Home Assistant also released their own dongle earlier this year, called SkyConnect, which I’ve heard is pretty good as well.
(This is assuming that all Hue devices are based on ZigBee, which I believe they all are, based on this useful database.)
