Calgarypuck Forums - The Unofficial Calgary Flames Fan Community - View Single Post

taxbuster · 09-28-2022, 10:11 PM

There is zero chance that I would put ANY cloud-based t-stat (or any other device) on my home network without it being on a separate IoT VLAN. Far too much opportunity for companies to use/steal/my data and too many openings for random hackers.

My approach has been different. I use Home Assistant which is on an RPi4 and is all "local push"...using ZWave or Zigbee - no Internet connection required. All "local". Remote access via VPN to the home. The couple of devices which must have a cloud connection are on the same IoT network with DNS that prevents outcalls to unknown locations (using PiHole).

Paranoid? Not so much: many cams and other units have been hacked due to crappy (often Chinese, but not exclusively) devices. In the US there are people who have electric company-supplied devices. Guess what happened in heat spells? They got "controlled" by the electric company. Google as a provider? No thanks....not with what they can do with my data.

I'd think long and hard about setup of any cloud-connected device including, but not limited to: my name (fake), email address used (isolated from any other), password (unique), address (fake), phone number (sms via VoIP provider). etc.

Not paranoid, but having been in IT / tech for a long time, I don't trust anybody and set things up (as best I can) to future-proof my network.

Just one crazy guy's approach.

09-28-2022, 10:11 PM	#45
taxbuster #1 Goaltender Join Date: Feb 2010 Exp:	There is zero chance that I would put ANY cloud-based t-stat (or any other device) on my home network without it being on a separate IoT VLAN. Far too much opportunity for companies to use/steal/my data and too many openings for random hackers. My approach has been different. I use Home Assistant which is on an RPi4 and is all "local push"...using ZWave or Zigbee - no Internet connection required. All "local". Remote access via VPN to the home. The couple of devices which must have a cloud connection are on the same IoT network with DNS that prevents outcalls to unknown locations (using PiHole). Paranoid? Not so much: many cams and other units have been hacked due to crappy (often Chinese, but not exclusively) devices. In the US there are people who have electric company-supplied devices. Guess what happened in heat spells? They got "controlled" by the electric company. Google as a provider? No thanks....not with what they can do with my data. I'd think long and hard about setup of any cloud-connected device including, but not limited to: my name (fake), email address used (isolated from any other), password (unique), address (fake), phone number (sms via VoIP provider). etc. Not paranoid, but having been in IT / tech for a long time, I don't trust anybody and set things up (as best I can) to future-proof my network. Just one crazy guy's approach. __________________ Hey...where'd my avatar go?