Trustworthy Home Automation

In a field dominated by corporate listening devices, how to enjoy the modernity of a Smart Home without letting the Billionaires in?

Home Automation promises a lot: convenience, efficiency, the ability to make unique affordances to your needs, not to mention impressing dinner guests with gadgets and gimmicks. But, as with so many things that touch capitalism, it has been corroded into something more alien and compromised. A would-be smort-home-dweller must make excuses to conscientious guests; that the frightening surveillance apparatus in the room is ‘just really convenient’ or ‘it was a gift but actually we really like it’.

Just to be clear, for the uninitiated: not only do I refer to the literal listening devices, the likes of Jeff Bezos’ Alexa, Google's Nest, etcetera. Any gadget that is connected to your Wifi network has a powerful window into your private life, even if it has no other way to perceive its environment. From within your home network, these devices can know who visits, when you are home, what devices you use and what apps are on them, they can probably view your web traffic and therefore know which sites you are visiting (if encrypted they probably still see the domain and any subsequent requests made). Many of these companies already have a frightening ability to view your web traffic through their server farms, their spy networks on each and every site you view, etcetera.. but now no ad-blocker is going to help you. Even using Tor won't help anymore, as they will have a trivial ability to correlate web activity within the home and the other end at a server they can view, through analytics or server ownership.

So, smart devices are a massive privacy violation even in ways that most techies haven't seriously considered yet. Even the barest, dumbest smart device often has far, far too much on you. And a very commonplace sort of smart device now, is the ‘gateway’ that you are required to buy for many smart home suites. Everything from Philips Hue to Ikea Tradfri to even creepier groups like Xiaomi Aquara all sport wifi ‘gateways’ that mediate with the zigbee network for your phone or computer… but probably they do more. Xiaomi doesn't even pretend, they don't sell Aquara gateways in Europe because they will not attest that they are GDPR compatible.

What if we could do better, though? What if we could still dare to augment our homes with commodity hardware without accepting a brazenly malicious listening device along with it?

Expect more waffle on this subject in future as I embark on it, but let me close with some hints and caveats I'm picking up as I go. Where I am at now, I have a modest Zigbee network that is going to grow over time to emcompass more operations in the home. Right now, I have a number of zigbee bulbs, and plug controllers, and temperature/humidity sensors, controlled by a stack of open-source software on a repurposed “Thin Client” (deserving of its own blogpost..) with a Zigbee USB dongle. As the Zigbee network is gatekept by a Open Source software stack, even a malicious Zigbee device is unlikely to be able to access the outside world to do harm. And no wifi-enabled proprietary gadget was required.

Software Stack

First up, you need a way to seed your Zigbee Network with a controller/coordinator that can be controlled from your computer or phone, and for that you will want to set up zigbee2mqtt, with the suggested hardware. These USB dongles can be bought on ebay, many sellers advertising pre-flashed ready-to-go dongles. Of course, you'll need an MQTT broker to work with, but that part is fairly easy: install Mosquitto and use that.

You might think you can use thte built-in Zigbee modeules in the major FLOSS home automation stacks, and buy a different Zigbee dongle or device, but I recommend against doing so: My limited experience suggests that both stacks are not remotely as convenient to use as zigbee2mqtt, for starters, and to top it off, zigbee2mqtt is the only stack thought to work acceptably with the Xiaomi Aquara sensors (cheap, widely available, but not zigbee compliant and prone to network failure with other stacks).

With zigbee2mqtt set up, you will want a way to start glueing things together and making logic: for that, you'll want to install Node-Red. Again, the major home-auto stacks offer ways to wire up logic, and you are welcome to use those.. but Node-Red is probably more fun to work with, has a lower learning curve, and can be used to set up MQTT based ‘flows’ that can be relatively easy to wire up as virtual devices within the home automation layer.

For your home-auto stack, the major choices are OpenHAB and HomeAssistant. I was initially drawn to HomeAssistant because it's built on Python 3, but I discovered quickly that the support for open source Android applications is very poor, and after a lot of frustration I dropped it. OpenHAB is apparently more mature, has a wide array of services that can be integrated and interacted, and better app support (stable and beta app in F-Droid), and has a lot of documentation to work with.

Hardware Layer

This gives you several layers to work in, but what about hardware to attach to this network? Refer to the zigbee2mqtt supported devices list as a buying-list. But within that, you'll want devices that are well supported, well documented, and play nicely together. Of particular interest is a set of devices that can efficiently route Zigbee traffic for your battery-powered gadgets.

Because it would be great to have access to the Xiaomi Aquara device family, because of their dramatically lower price, you should strongly consider the Ikea Tradfri range: Their zigbee controlled sockets, in particular, appear to route traffic from Aquara sensors, which can help prevent them from getting dropped from the network. I am having no problems so far, as so many before me have done with other routers. The Ikea Tradfri bulbs are also the cheapest reputable option out there for lighting, that I'm aware of, and at least in Ireland they are available for ten euro with an included rocker switch.

One big warning and caveat about lighting before you dive in, however. These bulbs try to play nicely with the old fashioned way of flicking a power switch: when a zigbee bulb is power cycled, it will turn itself fully on on restoring power. This is handy for the ‘partner acceptance factor’ but no good if your house loses power, only to have it restored, in the middle of the night. Nothing like a sudden blinding illumination at 4am to make you reconsider your home automation plans!

There is only one brand currently offering bulbs with a configurable behaiour on power-on, and that is unfortunately the most expensive brand out there: Philips Hue. The default behaviour is still to turn fully on, but using Zigbee2Mqtt it is possible to configure alternatives including ‘previous state’ or ‘always off’.

There's plenty more to add in later posts, but hopefully the above gives in broad strokes tha direction I'm going in, and one I would currently endorse. Happy Automating!

 Share, if you like. Fediverse sharing is preferred, though.