cross-posted from: https://lemmy.world/post/32265822
xkcd #3109: Dehumidifier
Title text:
It’s important for devices to have internet connectivity so the manufacturer can patch remote exploits.
Transcript:
[A store salesman, Hairy, is showing Cueball a dehumidifier, with a “SALE” label on it. Several other unidentified devices, possibly other dehumidifier models, are shown in the store as well.]
Salesman: This dehumidifier model features built-in WiFi for remote updates.
Cueball: Great! That will be really useful if they discover a new kind of water.Source: https://xkcd.com/3109/
I just bought my first home and as soon as I’m decently unpacked I’m going to start my journey on self hosting.
Currently planning:
Not sure what else to add. Open to advice or suggestions.
I’ve watched enough Lock Picking Lawyer never to want a consumer ‘smart lock.’ Half of them can be opened with a magnet. Maybe commercial grade is better, but I’ve been locked out of my job after every power failure for the last 10 years, until someone comes along with a physical key.
Re homeassistant on a Pi: homeassistant does a lot of database transactions, so you may want to have db storage on something other than an SD card.
Good call. I was thinking of trying a 128GB usb3 stick I got. Maybe a ssd/nvme on a USB3 controller.
I have an old 2.5inch 500GB laptop HDD plugged into a USB/sata adaptor into my rasberry pi.
that’s been running flawlessly for 3 years and drops every concern with running HA on a pi
I have tentative plans to make my own smart lock by way of electric motor and commercial deadbolts with an RF scanner and a back up battery for emergency. It won’t be amazingly secure in a tech way, but I figure the combination of novelty and DIY should make it reliable.
That said, I gotta be that guy and remind everyone that all locks are security theatre and are not going to protect your house from the persistent or prepared. Your best defense is a combination of foresight and social engineering.
I’m gonna differ on this. The point of a lock is to control law-abiding access to your house. If someone wants in your house, they can attack your windows, doors, or even a wall if the lock is too strong. A smart lock let’s you open the door for a family member remotely, or set one time-access for your in-laws to come over and pickup a tool.
I wouldn’t use a smart lock for something hardened, like a bunker or a vault, but for a house and garage, it’s okay not to have the most bullet proof lock in the world.
Part of the function of the lock should be to indicate of forced entry.
Sure they could attack a window, but then you know something happened.
A magnet attack on a smart lock usually leaves no indication of bypass. So you still think everything is as you left it, untill you need that one thing and it’s gone.
Of course this is more for specific targeted attacks, but still, if you report to insurance that things are missing and they ask if you locked the door, but then there’s no indication of forced entry. How likely are they to pay out, or keep you as a client?
Well, I guess I could point to my snake enclosure camera (which conveniently covers the front door) showing an entry, or if the perps walk through the house, they would trigger the bunny cams, the other snake cam, or the lizard cam. Plus I have my outdoor cameras, although that is my specific scenario.
I’m sure there is an electronic lock on the market that logs when the door is opened, even if not locked. It would be trivial to look at the lock/unlock log and determine that the door was opened without unlocking. A regular tumbler lock isn’t going to give you that kind of info.
I wish I had setup an identity management system sooner. Been self-hosting for years and about a year ago took the full plunge into setting up all my services behind Authentik. Its a game changer not having to deal with all the usernames and passwords.
In a similar vein, before Authentik, I used Vaultwarden to manage all my credentials. That was also a huge game changer with my significant other. Being able to have them setup their own account and then share credentials as an organization is super handy.
My SO is already using keepass locally. Used to be only a paper notebook. Data breach paranoia.
I plan to setup vaultwarden or keepassXC
If it’s something that’s vital, my mantra is pay to have someone else professional host it.
I’ll pay the $10/year for Bitwarden.
Great list! If you already have the Raspberry Pi devices, great. If you were going to buy some, I would look at thin clients instead. Low-power, cheaper, more powerful, can use real hard drives instead of SD cards or adapters, and x86 instead of ARM. I have an HP T630 I like but I hear good things about the Dell Wyse 5070 too.
I have:
I work as a sysadmin so I’ve picked up a few things that wouldve gone to recycling.
My concern is power draw running 24/7 so I need wattage monitors and going to start with the Pi systems. Until I hit performance issues then migrate to a SFF.
Cameras.
Yeah that’s on the list. I want them hard wired though. Gotta hire an electrician to wire up the outside of the house.