
philpo

@philpo@feddit.de


Building My Home Server | Kev Quirk (kevquirk.com)

I came across this blog today while searching and I'm finding it very detailed, human, and instructive. For a beginner like me, this kind of resource is invaluable. What does a server failure feel like at a personal level? How do you make decisions about cost or utilizing existing hardware? These kinds of thoughtful reflections...

philpo ,

Old article by someone who seems to be an absolute newbie in that field.

philpo , (edited )

That's why one uses an industry standard that is brand-independent, operates offline by design and does not require a central component besides a power supply.

Sounds like utopia?

This standard has been available since 1990 in its archaic form, since 2002 in its current form.
It is downwards compatible and over 400 companies worldwide are part of the standard.
HomeAssistant, ioBroker, openHAB, etc. all support it directly and there are multiple crossover gateways with other standards like DMX, ModBus, Dali, etc.
And no, its components are not more expensive once you look at the TCO.

For fucks sake, people, use KNX.

(PS: There are even a few open-source/DIY components available)

philpo ,

So is Windows and Linux if you just look at the year they were introduced.

Just because something is backwards compatible doesn't mean it does not get updates/improved.

And tbh, a light switch does not need that much improvement technology wise.

philpo ,

Get a few components (e.g. Actors, a sensor), a gateway (USB is enough for the start, they often go cheap if you buy used, got mine for 10 bucks), a power supply (Meanwell is a good idea) and the free version of the ETS programming tool.
(The ETS is the only downside of the system - it's expensive especially for larger installs)

philpo ,

Haha, no. But I know someone who was part of the OpenTherm development.

To quote him:

OpenTherm exists because Plumbers don't trust Sparkys and Sparkys don't trust plumbers.

OpenTherm is easy to install but "stupid" as hell and not adaptable to modern needs mostly, especially if you consider modern heating concepts like passively heated houses, heat pumps, etc.

That's different from KNX (or Modbus in that regard) - They are much broader in their appeal. Single-use/walled garden systems are always a bad idea, imho.

philpo ,

Neff has a (magnetic/removable*) knob as well.
(* Which is a great idea in theory. Unless you have kids. First it's great because they can't start the cooktop on their own. But then you are constantly looking for the knob. A friend nearly got insane... His daughter "accidentally" took the whole fucking thing on a school trip to France.... HOW? That's why I have the Siemens one with touch.... It's okayish touchwise and it works...)

philpo ,

And to add another unpopular opinion:

A smart temperature control is the one I never ever need to use. Because then the room always has the temperature I want.

philpo ,

The thing is: The standard itself is rather well designed and didn't need too many updates (they just extended the possible packet contents in terms of possible parameters - which technically isn't that necessary as you can fall back to ASCII).

The last major updates were more towards extending functions (KNX over RF), connecting locations via IP tunnel, and securing the packets themselves (which is not really necessary for single household installations but VERY much for multi-tenant installations).

The major strength of KNX is the bus packet system itself - as the packets are standardized there are only a few attack avenues. An attacker could flood the bus with packets, try to update with fraudulent code (if no one put a password on it) or try to put fraudulent content in a module that accepts ASCII packets.
The problem is the access - the attacker would need physical access or the IP gateway (if existing) would need to be unsecured towards the internet...
In the end it is a fairly resilient piece of software.

philpo ,

No, it isn't.
But no open and local solution will be - but you pay for that in terms of long term usability, resilience and data.
It's a choice a mature customer needs to make. Be cloud and manufacturer reliant, invest the time to do it properly or pay someone to do it.

And KNX.org works for me (even tried it with a VPN to be sure) - and do you really think that a standard that is supported by the largest companies in the field (Siemens, ABB, Bosch, Schneider, etc.) and has multi-billion of installations in professional buildings alone per year is not for the long term?

philpo ,

The good thing is: You can easily replace OpenTherm with KNX.
Afaik there are Gateways that mimic OpenTherm towards the heater so you can use KNX for the actual control.

philpo ,

The system does exactly that - But that is done automatically without intervention.

The system recognises by checking on our devices and the presence detectors if we are at home.
If we aren't it reduces the temperature.*
Then it looks into our calendars when we can be expected to be back and increases the temperature accordingly (additionally once we enter a certain Geofence).

*: The overall heating effort is also based on the current and expected weather and sun-influx, as I have some rooms that basically heat themselves when the sun is out.
The system is using that effort to adjust shades (e.g. it would allow a lower living room temperature in the morning after we left when it knows that there will likely be a sunny afternoon heating the room without the need to add external heat).

This is what I mean with smart: A smart system is only smart if the user doesn't have to fiddle around with it. Everything else is a remote.

(My next goal is to add personalised heating. I want the system to recognise who is/comes home and adjust the temperature accordingly as my wife wants other temperatures than I do. I can do it room based, e.g. the kid's room is adjusted according to the kid being there, but overall I am not quite there yet)

philpo ,

I can recommend using Cloudron but I don't use Radicale.

Cloudron is in no way a necessity for anyone - it's simply me being too lazy to keep everything up to date, read all the necessary documentation for all the services we run, etc.
Cloudron does all that for me - and I couldn't be happier.
Johannes, the owner, provides fast support (had two glitches with Hetzner DNS over the years) and the amount of Apps is getting wider each year, although I would rather see their range be broader (e.g. a proper Monitoring system instead of yet another project management), but that's just me.

In theory it's even possible to create your own apps for Cloudron, both for public and private use, but that is beyond my capabilities.
It can also be used as a SSO provider and reverse proxy, btw.

philpo ,

It's not about the sensors, it's about the software. That's the solution.

philpo ,

Farm vehicles are far more automated than any cars these days.

philpo , (edited )

Simply put: No.

You need to make sure no one accesses your phone even when stolen (for a myriad of other reasons as well) so password-protect it.

This has nothing to do with WG-easy or any WireGuard implementation itself - it's simply part of WireGuard.
What you could do to at least discourage an attack is to save parts of the secrets (Preshared key, public key of your network) in a password manager like Bitwarden and copy and paste it into the client every time you connect - and remove it from there after you're done.
But be aware that this will only discourage a technically inept attacker - the WG client and the OS, etc. will keep enough data of these transactions around to easily find out this information and for a good attacker you actually make it easier this way.
So I would clearly not recommend it.
Password-protect your phone.

WAG and other solutions put another layer between your network and WG. Basically they add a captive portal and only "unlock" it once you authorised yourself there. It is not a pretty solution and you need to be aware that it easily locks you out of your own network.

Another solution could be that you build two WG connections - one that is limited to your firewall and can exclusively connect to that device.
And one that has broader access. Use the first one to enable access, the latter one for actual access. Then the first one to disable access again.

The WG easy container should always be run behind an authentication layer, even in LAN, as it enables an attacker (who might be already in the LAN) to establish full outside connections.
This can easily be achieved with a reverse proxy like Caddy/nginx proxy manager. The container then needs to be behind the proxy in its own network with only the WG port exposed. Requires a bit of work but is easily doable... And Portainer is your friend in that regard.
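
The reverse-proxy layout described in the comment above, as an added example that is not part of the original post or the wg-easy project's own configuration. It assumes a wg-easy release whose web UI listens on 51821/tcp and reads `WG_HOST`, Caddy 2.8 or later, Docker Compose 2.23.1 or later, and placeholder host names and credentials.

```yaml
# Added example: wg-easy admin UI reachable only through an authenticating proxy.
# All host names, the user name and the password hash are placeholders.
services:
  wg-easy:
    image: ghcr.io/wg-easy/wg-easy
    environment:
      WG_HOST: vpn.example.org          # placeholder public name of the VPN endpoint
    volumes:
      - wg-data:/etc/wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      net.ipv4.ip_forward: "1"
      net.ipv4.conf.all.src_valid_mark: "1"
    ports:
      - "51820:51820/udp"               # WireGuard tunnel: the only published port
      # 51821/tcp (admin UI) is deliberately NOT published on the host
    networks:
      - wg-admin
    restart: unless-stopped

  caddy:
    image: caddy:2
    ports:
      - "8443:8443"                     # LAN-facing, TLS plus login in front of the UI
    configs:
      - source: caddyfile
        target: /etc/caddy/Caddyfile
    networks:
      - wg-admin
    restart: unless-stopped

networks:
  # Dedicated network shared only by the proxy and wg-easy. It is not marked
  # "internal" because wg-easy still needs outbound routing for tunnel traffic.
  wg-admin:

volumes:
  wg-data:

configs:
  caddyfile:
    # Inline config content needs Compose 2.23.1+. Generate the hash with
    # `caddy hash-password`; every "$" in it must be written "$$" in this file.
    content: |
      wg-admin.home.arpa:8443 {
        tls internal
        basic_auth {
          admin REPLACE_WITH_BCRYPT_HASH
        }
        reverse_proxy wg-easy:51821
      }
```

After bringing the stack up, `docker compose ps` should list 51821 without a host binding, and a request to the proxy without credentials should return 401.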

philpo ,

Steam is a major problem for a lot of reasons, but basically none of the reasons the author gave are the main problem - It sounds more like a whining of a Mac/Apple user.
Once again....

There are hundreds of more important problems with Steam.

philpo ,

Lol, no.
European civil law knows arbitration very well and it's literally mentioned in the clauses of Discord here.
European civil law absolutely knows law suits, but they are not based on case-law and far less based on judge-made law compared to the common law system.

philpo ,

Tbh, more like Revolt Exodus, sadly.

While Matrix clearly is the superb system and I would absolutely love to see people migrate to it, I have a feeling that people will use the solution that comes the closest to what they are used to - which is Revolt at this point.

But Revolt, imho, is not quite there yet and would very likely collapse under the increasing pressure on their resources, just like many Lemmy or Mastodon servers did back in the day - but Revolt is far less decentralized.

Which would send people straight back to Discord.

A shame, really, Matrix is clearly the better system, but VoIP/Video/Community building is not quite there yet.
It might be with Element X, but we will see.
Maybe I am wrong and I would love to be wrong here - I actually operate a small Matrix server and it's a fantastic system.

philpo ,

The way I understood Revolt their idea of federation was more between different Revolt instances, but it's not a hugely discussed topic over there.

The frontend would be no issue Matrix-wise, it's not that difficult to build a Discord like client for Matrix if the actual backend would support the necessary features - which currently is not the case.

The Bridge (I run one myself) is only good to use as long as you still use Discord, so more for a migratory phase, yes. And technically it's against their TOS, so it could end up bad for larger communities.

Anyway, it's clear that at least FOSS projects should definitely not work with Discord as a repository or support channel anymore.

philpo ,

2N Verso.

  • Works totally offline/Cloud free if required.
  • Can be integrated into any NVR & SIP environment
  • Can easily be used with plausible deniability. "Yeah, officer, I am just using it when someone rings the bell, no recording, the bell system never records, no!"
  • Very sturdy and reliable hardware
  • Offers indoor viewing stations (for the less technically adept household members)
  • PoE based, can be used with LTE in some versions.
  • Good documentation
  • With the automation licence (Costs a bit extra, but is "buy once" at least) basically everything one can imagine automation wise can be achieved, including API calls, etc.
  • Can be extended with RFID, Fingerprint, Bluetooth, Induction loops, etc.

If you want to use their cloud service you have to pay a small fee, but that's purely optional and you can easily use your own SIP solution to avoid this. Or simply don't answer your door from somewhere else.

The big downside? It's ridiculously expensive. But I mean...how often does one buy a new doorbell?

philpo ,

As long as you deactivate the wireless LAN it shouldn't be at risk doing that.
From my understanding of US FCC and EU rules doing so despite manual deactivation of the "radio emitting technology" would lead to a market ban of the device (it has led to the EU banning other, mostly Chinese, electronics in the past and Amazon was in hot water for a while).

philpo ,

Sure.
Choose one that still lets you default connect to a HDMI input (or display port if you are really lucky) and connect a KODI box to it. Either a Raspi 4 or something similar will do.

That solves most of your problems as the smart part is on the Kodi Box and not on the TV and Kodi is (mostly) OS and can be configured to your liking.

philpo ,

It depends on your infrastructure, sure. But as long as no Amazon Devices are in the apartment/house and the WiFi/radio emitting function is permanently turned off (which, again, is a legal requirement per EU laws - and I am 90% sure per FCC as well) there is little chance of them meshing with something.

And if you have active Amazon devices in your home the smart TV is not your problem.

philpo ,

Nope, not that easy. I can only speak for EU regulations (but at least my colleagues who did FCC were complaining that they were stricter) but they require to make it clear that the user needs to be made directly aware that the device emits radio waves, define which frequencies/techniques are used (so they can't make you think they are using Bluetooth for the remote but in reality also have a NB-LTE card in the device) and the device must (and this is seen very strict) keep any radio emitting off when it's configured to do so. (This brought Samsung, Sonos and Amazon and Xiaomi in trouble in regards to "airline" modes that didn't really deactivate everything or devices that could self activate).

So yeah, they could surely build the TV in a way that it only works with WiFi/whatever turned on (basically any Alexa device works that way), once there is a (software) switch they cannot silently still transmit, even if you agreed to it in some obscure TOS - this would lead to a market ban.
And they need to tell you which frequencies they use - so you can be aware of it.

This is just the radio frequency side of it - I am fairly sure that there is at least one EU country that requires users to be able to switch off each frequency band on its own (may also be in EU consumer regulation laws, but I come from MedTech, not my field)

philpo ,

Kodi on a Raspberry! Easy to install, once set up it's rock solid and you can integrate a lot of streaming and IPTV services these days.

philpo ,

Absolutely - But with HDMI to a Kodi and all other connections disabled there is literally no way for it to get "out".

philpo ,

Possible, yes. Illegal? Yes.

So, sorry, unless you show me any proof that any device does it I consider it unlikely.

If you show me proof I am more than happy to call a few old contacts and raise a stink with ECC/CEPT. They don't fuck around.

philpo ,

Another reason I really look forward to them being sued in Europe - This is a highly illegal practice in the EU and has already brought sizeable penalties for various other media outlets, both conventional and online.

And weeks ago the Dutch and German consumer protection agencies as well as the GDPR ombudsman already commented that they are looking into Reddit (Reddit has its European office in Amsterdam).

That will be fun.

philpo ,

On a RPi 3 mod B? Not really.
Load spikes have already been mentioned and especially Home Assistant is prone to them, PiHole can be, but it can be avoided (you still wouldn't want it to update its blocking lists while you print something as it causes load spikes).

IF you do it you need to configure it in a way that the Octopi is getting priority over everything else - which is possible with a lot of tinkering or using a VM layer like Proxmox - which is adding to the overhead again, though. This will push the 3B to its limits even more.

Personally I would advise against it heavily. If you already have a 3B, use it for the 3D Printer and buy another device for everything else (not necessarily a Pi, Arm has its downsides - there are a lot of energy efficient x64 solutions out there these days.) And then slap Proxmox on it, run HAOS, Pihole and whatever comes your way in the future on it. (Paperless and Frigate/agentNVR seem to come along the way naturally.)

philpo ,

As if that is something someone in Texas cares about these days.

Linux market share passes 4% for first time (arstechnica.com)

We see the nearly 33-year-old OS’s market share growing 31.3 percent from June 2023, when we last reported on Linux market share, to February. Since June, Linux usage has mostly increased gradually. Overall, there's been a big leap in usage compared to five years ago. In February 2019, Linux was reportedly on 1.58 percent of...

philpo ,

You can thank me later - I literally installed Linux back as my primary OS after being back on Windows for ages on the day before this report came out the first time.

philpo ,

Oil is not produced at maximum rate since the 70s - which is good. (OPEC)
We technically could produce much more and cheaper - but not for long.

philpo ,

Joplin, can even be easily self hosted for syncing/sharing.

What is your experience with Loxone? What is it worth to integrate with it?

We are moving to a new house, and I want to build a foundation in something more reliable than Home Assistant and Zigbee. I looked at KNX and it is ridiculously expensive (170 euros for a PIR sensor is a joke). So as an alternative I'm looking at Loxone, which seems to be a cheaper alternative to KNX. Do you have experience with...

philpo ,

Loxone is not worth it lately.
Their device quality has gone down, integration of other services is intentionally made difficult these days and overall support is lacking.
I wouldn't buy them, even more considering that you are vendor bound and always need a central component/server for it to work.

KNX has a very broad pricing range - from very cheap to very expensive there is basically everything, there are countless PIRs for less than 100€ and some for over 400€.

A well planned KNX install isn't that much more expensive (10% on average) than a conventional install and the last Loxone install estimate I saw for a project was over 20% more than KNX.

Depends on what manufacturers and suppliers you want. Go with MDT (but avoid the GTs).

philpo ,

Yes. Some/a lot depending on how much you sell.
And of course for an installer a walled garden is much much more convenient instead of an open standard.
And it's much cheaper for them as they don't need an ETS licence, don't need an overview of hundreds of components and the certificates are cheaper/free as well - unlike KNX.

philpo ,

We both know the answer very well, don't we....

This is so depressing...

philpo ,

Attach a small camera to one of them and attach it to a bird feeder. Set another one up with frigate.

It's a fun use and actually good for the environment.

philpo ,

The penalty isn't the main good thing coming from it - it's the fact that now the system is deemed illegal, unions/workers councils and local inspectors can easily go after it on a local level. This is actually far more powerful than one might think, as the local government inspectors are the ones that can really put the pressure on the companies. (E.g. Amazon got ordered to shut down part of a main distribution center due to insufficient workers protection once - that really really hurts them as the lost profit is worth more than the penalties)

The francogermanophone system works slightly differently here, that's why it's often "disappointing" from lay persons POV, but it works - just not by extremely high penalties. (These come from the fact that we don't really know class action law suits - there are some new ways for them, but generally it's not an often used instrument)

philpo ,

In the name of every medical professional out there:

Fuck Masimo. You piece of shit garbage company.

Masimo does strategically patent troll other companies to keep their monopoly on oxygen saturation technology, deliver a subpar product that is very likely designed with planned obsolescence (which actively endangers patients).
It's an absolute shit show.

philpo ,

It's more about the medical field - we use more precise equipment that can measure a bit more. And very likely Samsung has to pay someone even for the smartwatch version.

philpo ,

or KNX.
or Modbus.

Zigbee is actually not that good of a choice.

philpo ,

As Discord is still unable to provide a GDPR compliant process for the phone number thing (and let's not even start about personal ID), if I were a small game dev I would rather not make myself liable the way one does when using this - it's simply fucking expensive.

philpo ,

Nope, doesn't work that way. The game dev is offering a networked service (community, support, etc.) in his name/trademark/brand and is therefore liable for the data protection, it doesn't matter at all if the dev is the data holder or not - that's up to the dev to manage contractually with Discord.

The concept of "not holding the data, not liable for the data" has been turned down by various high court rulings by now - Amazon and Microsoft amongst others have tried it and lost.

Pi-Hole or something else for network ad blocking?

I've been aware of pi-hole for a while now, but never bothered with it because I do most web browsing on a laptop where browser extensions like uBlock Origin are good enough. However, with multiple streaming services starting to insert ads into my paid subscriptions, I'm looking to upgrade to a network blocker that will also...

philpo ,

If you are more into a full DNS solution that can also block, Technitium DNS is a reasonable choice.
It is fairly user-friendly, can be run in an LXC easily (I am doing exactly that), able to use multiple block lists in any combination you want, can be controlled by an API, is regularly updated, etc.

I couldn't be happier with it, even though the learning curve is somewhat steep, when you are new to DNS. It is a fully fledged DNS server after all.

philpo ,

Nah, when you are on a late night run on an (almost, max. 2 pax) empty bus, especially the last run, especially in shitty weather, it's appropriate to say "Nacht" when you leave.

You form a special bond then and there. The driver is your hero who brings you home in the most shittiest shift.

philpo ,

You are aware how fucking easy it is to link metadata from devices, no matter what connection they actually use once you have access to a country's backbone, especially if you are a low income country with just a few exchanges, a service that solely exists with centralised servers outside the country and no privacy laws?
It's extremely easy. Device fingerprinting, etc. is a thing.

The only benefit of Signal would be the fact that the man in the middle has no idea what you actually write. But considering that it's easy for them to just claim someone has done something and punish them it's no help here.

There are designated messengers for situations like that, Briar is one example. But Signal is a really bad choice here and Wifi doesn't change a thing.
