I have recently enforced a better privacy practice for my smart home devices; that includes creating a new access point for those devices and blocking them from internet access with a VLAN.

Since then, my Yeelight minas ceiling lights go unavailable whenever I physically switch them off and turn them on afterwards.

One really stupid thing is that it needs internet access to use the LAN control feature. It’s really, really dumb.

But at the same time, in this kind of age where everything wants to phone home, I need to somehow mitigate this in every possible way, such as by fooling the devices as if they have access to the internet.

Is this kind of thing possible?

Thanks!

  • RheumatoidArthritis@mander.xyz · ↑19 · 8 days ago

    Go Zigbee! I was very hesitant about running a second wireless network next to wifi, but it’s widely supported and totally cloud-free.

    • wildbus8979@sh.itjust.works · ↑3 · edited · 8 days ago

      Yeah really. I keep hearing these tales of issues with poor network and whatnot…

      I have literally over 120 devices in my network, ranging from the cheapest Tuya door/window sensors I could find (cause I needed thirty+!) to Inovelli switches, and it just works fantastic. HamGeek PoE concentrator. My only complaint is not being able to control the mesh more (tell certain devices not to be routers, force certain routes for end devices so they don’t use routers that go down when the power is out). I will probably remedy that by adding a second concentrator.

      That’s not to say wifi with ESPHome and Tasmota isn’t great. Far more powerful and flexible, and with a quality AP it can also support a ton of devices; I have easily four dozen devices running with no issues.

    • tiz@lemmy.ml (OP) · ↑1 · 8 days ago

      I understand the benefits of Zigbee. However, its regional availability is poor. In my country, acquiring a Zigbee hub(?) without going for sketchy options is not feasible.

      • petersr@lemmy.world · ↑1 · 8 days ago

        What is a sketchy option?

        I just bought a Sonoff Zigbee Dongle Plus E and use ZHA and it works like a charm. No third party cloud based coordinator. I guess you still have to trust the firmware of the dongle, but that is about it.

        • tiz@lemmy.ml (OP) · ↑2 · 7 days ago

          I simply have no access to a Zigbee dongle except on sketchy Chinese websites. I usually buy those kinds of devices from Amazon.

          • petersr@lemmy.world · ↑2 · 7 days ago

            I mean - the ones you can buy from Amazon are the same you buy from Aliexpress, just more expensive. Of course, one could fear that some of them have failed QA or whatever - but I would not have much reason to suspect malicious firmware - and if you do, you can flash your own. You do that anyway if you want to use the dongle as a Zigbee router (instead of coordinator).

  • hoshikarakitaridia@lemmy.world · ↑12 · 8 days ago

    That sounds really hard to do.

    Basically you have to formulate the right responses that this device is looking for when it is communicating over the Internet.

    My only idea is maybe you can capture the device’s request and response using Wireshark and then use a dummy server to repeat it. If the device is using encryption layers that’s basically impossible iirc.

    • tiz@lemmy.ml (OP) · ↑5 · 8 days ago

      Ikr. I hope it’s just an ICMP ping to whatever address or smth. I don’t have in-depth knowledge of Wireshark, so it might be a tough journey.

      • SayCyberOnceMore@feddit.uk · ↑6 · 8 days ago

        Wireshark is the best way as it’ll show you exactly what’s going on; DNS addresses, traffic type, etc. (But not inside encrypted packets)

        But to do that it (you) need to see all the traffic between the ceiling light and the internet, so if you’re on wifi and it’s on wifi, that won’t work.

        Hopefully your router has the ability to either do a packet capture, or, mirror traffic to a physical port.

  • groet@feddit.org · ↑8 · 7 days ago

    Yeah, I think the right response is to return the lightbulb and get a new one. One that doesn’t require an internet connection. Build some market pressure in the direction of offline appliances.

  • TVA@thebrainbin.org · ↑6 · 8 days ago

    For a camera I’ve got that I don’t care too much about, I had to give it a ~50KB network connection out and then it gets its handshake, but, doesn’t have a good enough connection to actually upload video and then all the local features stay working. Eventually, I’ll replace it, but, it’s monitoring a place that I don’t care about too much, so, it’s low on the priority list.

    Unfortunately, a light doesn’t need much in the way of a connection to begin with, but, if it needs some kind of handshake, maybe you can watch the traffic with Wireshark and whitelist that specific traffic or see if someone else has done the work for it (a quick search didn’t show anything for me, but, I haven’t gone in depth or anything)

    • tiz@lemmy.ml (OP) · ↑4 · 8 days ago

      Limiting the bandwidth for the VLAN zone could be really interesting. Thanks for the insight
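
Added example (not from any poster in this thread): the capture-then-allowlist approach suggested by SayCyberOnceMore and TVA above, as a small Python parser that lists the DNS names a device queries and the destination/port pairs it sends to. It assumes a classic little-endian pcap with Ethernet/IPv4 frames exported from the router; the device address `192.168.30.50`, the name `cloud.example.com` and all other addresses are constructed placeholders, not real Yeelight endpoints.

```python
import socket, struct
from collections import Counter

def dns_qname(msg):
    """First question name of a DNS query; None for responses or malformed data."""
    if len(msg) < 13 or msg[2] & 0x80:        # QR bit set: a response
        return None
    labels, i = [], 12
    while i < len(msg) and msg[i]:
        n = msg[i]
        if n & 0xC0 or i + 1 + n > len(msg):  # compression pointer or overrun
            return None
        labels.append(msg[i + 1:i + 1 + n].decode("ascii", "replace"))
        i += 1 + n
    return ".".join(labels) if i < len(msg) else None

def egress_summary(pcap, device_ip):
    """Names queried and (dst, proto, port) flows sent by device_ip.
    Reads classic little-endian pcap with Ethernet/IPv4 frames only."""
    if struct.unpack_from("<I", pcap)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    names, flows, off = Counter(), Counter(), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        ip = frame[14:]
        if frame[12:14] != b"\x08\x00" or len(ip) < 20 or socket.inet_ntoa(ip[12:16]) != device_ip:
            continue
        ihl, proto = (ip[0] & 0x0F) * 4, {6: "tcp", 17: "udp"}.get(ip[9])
        if proto is None or ihl < 20 or len(ip) < ihl + 4:
            continue
        dport = struct.unpack_from("!H", ip, ihl + 2)[0]
        flows[(socket.inet_ntoa(ip[16:20]), proto, dport)] += 1
        if (proto, dport) == ("udp", 53) and (name := dns_qname(ip[ihl + 8:])):
            names[name] += 1
    return names, flows

def _pkt(src, dst, proto, dport, payload=b""):  # builds one constructed pcap record
    l4 = struct.pack("!HH", 40000, dport)
    l4 += struct.pack("!HH", 8 + len(payload), 0) + payload if proto == 17 else b"\0" * 16
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst)) + l4
    return struct.pack("<IIII", 0, 0, 14 + len(ip), 14 + len(ip)) + b"\0" * 12 + b"\x08\x00" + ip

# Constructed capture: private/documentation addresses and a placeholder name.
QUERY = struct.pack("!6H", 1, 0x0100, 1, 0, 0, 0) + b"\x05cloud\x07example\x03com\x00\x00\x01\x00\x01"
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(_pkt(*a) for a in [
    ("192.168.30.50", "192.168.30.1", 17, 53, QUERY), ("192.168.30.50", "203.0.113.10", 6, 443),
    ("192.168.30.50", "203.0.113.10", 6, 443), ("192.168.30.50", "203.0.113.20", 17, 123, b"\0" * 48),
    ("192.168.30.77", "203.0.113.99", 6, 80)])  # last frame: a different host, ignored
```

Run over a capture taken while the light is power-cycled, the returned names and flows are the candidates for a narrow allow rule on the IoT VLAN. Payloads inside TLS stay opaque, as noted above, so this shows where the device talks, not what it says.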

  • atrielienz@lemmy.world · ↑6 · 8 days ago

    I seem to recall that a guy did do this once with a Google Chromecast but he was a professional IT security of some kind, and that was years ago.

    I seem to recall that same year reading about a network engineer who used their home’s Nest thermostat to stop his wife from sleepwalking to the kitchen to eat and ruining her diet.

    It’s not that I think it can’t be done, it’s just that I think it might require you to either spoof responses or change the firmware in some way.

  • k4j8@lemmy.world · ↑2 · 8 days ago

    I have this issue with my Hisense TV. I just want to use Jellyfin and it works offline… for a while. After several days without internet, it wants to reconnect to use any apps.

  • fubarx@lemmy.world · ↑3 ↓1 · 8 days ago

    Matter is supposed to solve this problem. Unfortunately, a lot of implementations still phone home, at least during provisioning.

    • tiz@lemmy.ml (OP) · ↑1 · 8 days ago

      Yeah, Matter over WiFi is crazy good even with Home Assistant! I love those devices. I hope I can get my hands on them if I’m financially successful lol

  • socphoenix@midwest.social · ↑1 · 8 days ago

    You would need to figure out what it’s communicating with the server and replicate that, so at best this would need a per-device (i.e. WiZ bulbs vs Yeelight would be different) solution and would be a massive pita to figure out.

    Is there a reason you need to turn them off at the switch instead of turning them off with the WiFi control?