Results 1 to 2 of 2

Thread: No 3rd party "cloud" (but home assistant cloud?)

  1. #1
    Automated Home Lurker
    Join Date
    Nov 2019

    Default No 3rd party "cloud" (but home assistant cloud?)

    Heya guys,

    I've been looking at expanding the home automation since I am purchasing my first house (yay?).
    I have started off with the TP-link bulbs (linked to Kasa) and linked to Google Home, and had them for quite some time now (LB130's).

    I've seen the issues that people switching them off at the light switch, and the time taken for the systems to talk through the internet, to the third party, and then back to the bulb, it just seems silly - and when expanding this to more devices I would just rather have a lot more local execution - but I don't /really/ want to lose the remote / web automation - but I also don't want to open the access to endless remote "cloud" services (allowing access to another company just because I buy a new device).
    I know a friend who is also interested and after ideas - I will probably be asking a few questions later on.

    I did search this forum for similar key words, but only found 1 or 2 posts (seems like early this year) perhaps I have missed a relevent post though - so sorry if it seems this question / sort of idea keeps coming up.

    I've done lots of research on this (or what seems like a lot), but have some thoughts of what I want and reasons why:
    *) 1 "hub/gateway" which connected all my devices (or as much as possible)
    *) offline capability (so that if router dies, or remote "cloud" dies, or speed, or safety from 3rd parties leaking access, I can control locally + quickly + securely)
    *) remote capability (so if I'm away from house I can turn stuff off, get alerts from sensors, etc)
    *) interact with different devices (no 1 vendor)
    *) google home/assistant interaction would be nice
    *) amazon alexa - friend uses it so would be good to hook into that.

    Google Home seems to be starting to implement /some/ sort of local execution ( but the API still seems to need a remote "developer cloud" to contain a list of IDs, before the local device is picked up properly.. I did see somewhere there is a "localonly" tag which may be available - but how that would work with Google I don't know... Anyway, it seems that Google only works with a remote cloud - which is just insane to me (why wouldn't Google also allow its on-wire devices to pick up and send info to devices it can pick up? That's the whole reason behind "gateways").

    Apple seems to be the only one acting like I think things should (local hub/gateway. Internet interactions when needed) - but I couldn't see too much information.

    All others (iftt/etc) seem to either be totally remote, or use their own cloud, some using subscription-type model, others not.

    So - I guess I have answered my own question - "Is there something that meets this 'no 3rd party cloud' but also allows 'google/alexa' to control it?" with a "there doesn't seem to be".
    The next stuff is - is there something close-ish, and I've come up with 3 viables.. Can anyone give any comments?

    1) Mozilla IoT.. Basically have it as a gateway / hub, add in any zigbee/z-wave/etc modules and have it get the devices. Use it with rules etc.. Also hook up wireless speaker/microphone devices to allow voice control.
    Use a private VPN to allow remote control of the devices, and put up with the GUI that mozilla gives (or design my own app for it if I can do better).
    PLUS: supports a wide array of devices, can use smart switches/bulbs/buttons/plugs/sensors, in-built logic etc, and all seems extremely easy and extendable, possible expansion to allow Google Home, voice keyword customisable.
    NEGATIVE: voice isn't exactly perfect, no idea how good the voice control is, no idea about wireless mic/speakers, currently uses tunnel / fake-cloud for remote access (easy to block with firewall)

    2) Self-designed "google-assistant" using raspberry pi and the google developer tools etc. Will involve a fair bit of custom-coding + hacking to get the device interacting with the devices, probably borrowing pieces from the "home assistant" code or something, as well as others.
    PLUS: might be able to get it working "as *I* want"
    NEGATIVE: a great big time-hole of researching APIs, creating my own code, just to get the simple devices working 'how I want'

    3) Use some other type of hub/gateway, like "home assistant" or "openHAB" or "hubitat" .. Very similar to the mozilla one, but maybe not as customisable (ie I can probably alter the mozilla, or maybe contribute - but maybe not with these)... Possibly also put on my own voice assistant (snips I saw mentioned somewhere) instead of the google voice assistant..
    PLUS: Some are easier, some are harder, etc.

    It would be good to know what your opinions are, as I definitely want a setup to extend in the future (adding on additional sensors/devices and rules/automation) so my first instinct is to try out Mozilla IoT, and maybe try out "home assistant" and/or other R-pi based ones with a few buttons/switches/bulbs, and then work my way from there... and the google home assistant custom R-pi would be a pet project which may go somewhere or nowhere in my own time.

    Thanks for reading.


  2. #2
    Automated Home Legend
    Join Date
    Sep 2014


    Not quite what you're looking for, but you might be interested to know that the Kasa controlled TP-Link devices like the Smart bulbs and smart plugs (I have both) are controllable both via their cloud services (when the Kasa app is being used remotely outside your LAN) and also directly to the device over the lan without an internet connection required.

    Try it yourself - disable your internet connection in a way that doesn't disable your WiFi network and you'll find that a phone on the WiFi can still find and control the local Smart bulbs and Smart plugs...

    In fact there is NO security (except a bit of security by obscurity) for this direct Lan based control mechanism - anybody on the LAN/Wifi can control your local Kasa devices without any credentials of any kind, and this security flaw was delved into in great detail in this piece of reverse engineering:

    As part of the research they even provide some python scripts to access this local unauthenticated control API. I've tried those Python scripts and they were relatively easy to set up and do work - I was able to fully control my HS110's using them including turning them on and off, querying their status, changing their wifi settings, triggering a reboot etc, without using the official Kasa app, and this would work without an internet connection as well.

    It was a while ago that I did this so I don't know if TP-Link have patched these vulnerabilities - my guess is not as it is just designed to be wide open on the local network without even a pretence of requiring credentials! By the way reading that article might put you off buying any more of TP-Link's smart devices as their security is pretty awful...
    Last edited by DBMandrake; 27th November 2019 at 10:29 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts