Starting Over - What would you do?

[IVB]

well to be blunt, we're not really talking about home "automation" here, we're talking about home "alternative manual control".  Automation means the user doesn't have to do anything (ie, the HA system turns on the light when it senses a car in the driveway). This isn't that. The user has to take an action, all we're discussing is the best type of action and the stability of the underlying architecture to support that action.
 
There's really 3 layers of manual control I have:
 
Level 1) Voice control. (via cloud)
Level 2) App-based control (ie CQC, Homeseer, Harmony "smarthub", whatever)
Level 3) Get your butt up and turn stuff on/off.
 
If you have a volatile cloud connection, don't implement Level 1. But if you do and it goes down, you can always fall back to Level 2. Keep in mind that controllers break too. I could just as easily say "Control 4, AMX, Crestron, HomeSeer, PC-based HA can be really cool.  It's just not always there."
 
In which case, get your ass up and turn things on/off by themselves one at a time.
In which case Level 2 is broken, and I have to resort to Level 3.
 
Same argument about a manufacturer pulling support or exiting the market for either level 1 or 2. 

 

[cobra]

Yeah, that's certainly fair enough.  I mixed a DSC system and a automation system for that reason, automation can fail and have security separate. 

 

[pete_c]

Level 3) Get your butt up and turn stuff on/off.
 
I've been doing this lately to see to discover the TV buttons giving me something to do ...
 
Level 1) Voice control. (via cloud)
 
I quit for the time bean cuz Alexa wouldn't shut off the internet or tell me how to do it.
 
Level 2) App-based control (ie CQC, Homeseer, Harmony "smarthub", whatever)
 
Been playing here with custom screens and buttons...you know you can go to the dark side here defining a button that looks innocuous but is truely nefarious.
 
Goofing around last year with a media device that connected and was a bit dependant on a cloud connection and using random mac address generator spoofing a mac I looked at the device via the internet GUI and while it was connected to my account it showed someone other than me. (user name and account on said device was not mine).

 

[IVB]

Yeah, that's certainly fair enough.  I mixed a DSC system and a automation system for that reason, automation can fail and have security separate. 

 
With all apologies to Asterisk & Obelisk, anyone who does excessive merging of security & automation should be thumped. Its also why I put darn near zero rules in the Elk.
 

Goofing around last year with a media device that connected and was a bit dependant on a cloud connection and using random mac address generator spoofing a mac I looked at the device via the internet GUI and while it was connected to my account it showed someone other than me. (user name and account on said device was not mine).

 
Was it a no-name made-in-china device? I've seen several reports on google plus about chinese made devices that are SUPER cheap, but end up having massive security issues/holes. My conspiracy theorist/tinfoil hat is on overdrive about those, I won't use them. 

 

[HDClown]

With all apologies to Asterisk & Obelisk, anyone who does excessive merging of security & automation should be thumped. Its also why I put darn near zero rules in the Elk.

 
I've read in some older posts that some people like doing some automation in their Elk/HAI panels because they know it's always going to work and be reliable, where as some of the hubs/software have proven for them to randomly lock up and need resetting.  If you choose the route of a platform that runs software on Windows OS, then you are just dealing with the realities of long-uptime Windows OS can cause problems.  It's easy enough to remediate with schedule reboots, and Windows has gotten very stable as a whole compared to the past, but something running on an purpose built embedded platform or firmware is always going to be more reliable than software on top of Windows.. If you're doing software on Linux, that should be pretty darn close to reliability of embedded platform type stuff.
 
But anyway, I don't think doing it this way is a bad thing to consider.

 

[pete_c]

Was it a no-name made-in-china device? I've seen several reports on google plus about chinese made devices that are SUPER cheap, but end up having massive security issues/holes. My conspiracy theorist/tinfoil hat is on overdrive about those, I won't use them.
 
Nope.
 
It was designed in Miami (John Scully) and assembled in China and was a multipurpose cloud enabled telephony or automation kiosk (with DECT and Zigbee) with an Intel Atom based motherboard (not ARM CPU).  Avaya, Cisco, Verizon, AT&T and a few international telcos and a few utility (energy) companies rebranded the devices for their own sale and use.
 
It does seem like the capacitance glass is a bit like gorilla glass.  The plastic is so hard I cannot break it easily with a hammer.  (originally used a hammer and tin snips to cut open another device so that I could see its guts from the same company)
 
The Realtek NIC chip was blank and it originally got it's MAC address from the cloud application based maybe on the serial number?
 
I have never seen this before on a NIC chip.  It had nothing in the ROM.
 
I just dropped a proprietary cloud based media player on it and spoofed a MAC address (manually).
 
I have recently "fixed" the device using an SROM NIC chip programmer and gave it a proprietary MAC that fits nicely on my network and does work fine now with the cloud enabled media server (it is registering correctly and registration now sticking to the device).
 
It is understood about the manual control thing and automation stuff.  I use from both worlds of automation today (firmware and software).  I have switched from Wintel to Ubuntu Linux running Homeseer in Linux Mono.  I could break the Wintel software and today I cannot break the Linux software.  (I do try).  I played with TTS / VR in the early 2000's.  It got old a bit and went to just TTS here.  I used to use my automation smartphone remote stuff to bug my wife while I was traveling for business more than anything. I did monitor my lightning sensor when golfing as here when a storm approaches no siren goes off (I can see the siren from my home).  You are kind of on your own as the rangers disappear to the club house like ants at a picnic in reverse.  Not many trees around such that you can be that lightning attractor shaking your club in the air on a green.
 
As stated previously though; newest automation stuff playing is easier with software.  Newest stuff on firmware / cloud can be more difficult relating to updates, outages, (bad change management processes) et al.  The console is the console is the console. (whether VR, touchscreen, gesturing or buttons).
 
My HAI keypads with LCD screens while primitive work fine as consoles.  Nothing fancy there; never fails.

 

[BaduFamily]

Yes, AmazonEcho->Cloud->House.  I have a video uploaded to my YouTube channel, its subsecond response time.
 
I'm not one of these "cloud durn bad yukkie" folks. If you think the NSA doesn't already know who you are, where you go, what do you do, who you talk to, and the contents of every single unecrypted item on your machine, you're living in the past. We lost our privacy after 9/11, I may as well get some convenience out of it.

 
uh IVB, I have taught at the NSA. no need to get ... self righteous on me.
 
I just don't like depending on a vendor & a distant connection, and wanted to be clear on the dependencies.

 

[IVB]

 
uh IVB, I have taught at the NSA. no need to get ... self righteous on me.
 
I just don't like depending on a vendor & a distant connection, and wanted to be clear on the dependencies.

Sorry, not at you, but every single cloud post on any forum devolves into that, with some people refusing to implement without security that would keep out the Impossible Mission Force.

 

[ano]

Sorry, not at you, but every single cloud post on any forum devolves into that, with some people refusing to implement without security that would keep out the Impossible Mission Force.

I think what everyone here would love to hear from those people that use a cloud-based system and control their house with it, and have for a year or more.  Please tell use about your experiences. 

 

[IVB]

I think what everyone here would love to hear from those people that use a cloud-based system and control their house with it, and have for a year or more.  Please tell use about your experiences. 

 
I've used IFTTT in a minor way for over a year and dynamic DNS to access cameras. Obviously not voice control since thats new. (See the Level1 vs Level2 above). Here are my experiences:
 
If the concern is "the cloud could go down", I haven't literally NEVER noticed that to be an issue. Even Comcast outages are pretty rare, far less than 1x/quarter.
 
If the concern is "service could be yanked", ditto. Haven't seen an issue with providers either deprecating code or pulling down service. See below.
 
If the concern is "its not secure someone could disarm security",  From a physical security perspective, you're not going to remotely disarm my security system to break in. You'll kick the door down or climb in through a window. 
 
If the concern is "someone could digitally hack in and control stuff":someone would have to use CQC, get past a 15 digit password rated by LastPass as "strong". And then yes, you would be able to control my lights, stereo/TV, etc. I didn't code "disarm" into CQC screens but if you knew the protocol you could do that, yes. Until I take 4 minutes and change the password.
 
Here's what I think people need to worry about, this has been my primary negative experience with stability.  
- most people use easy to crack WiFi passwords. Like my inlaws. Who use their house address (ie 1234PeachStreet)
- Non-cloud hardware vendors exit the market, abandoning their products. Intermatic zWave was a joke.
- Hardware vendors love to issue new versions and deprecate old products or protocols. Elk doesn't support older wireless on newer firmware so all my old devices are paperweights, GlobalCache having non-field upgradable firmware so any issue costs $35 to ship, $30 to reset firmware, just cost me $100.
- Quality control in general is a joke. My lovely hardwired Aprilaire thermostat had a tendency to lose connection every time a big truck rolled by, until I pulled a Fonzie and hit it. That POS NuVo Concerto I own doesn't use banana plugs, instead has this TINY little port in which to plug speaker wires. But they have to be 18g or smaller, I had bought a ton of 16g but fortunately stranded, I got it to fit by pulling off some strands.
- Occasionally some random non-HA program will go nuts and flood the network with traffic, killing everything for everyone until I find & reboot the offending device. Google Drive, employer VPN, and browsers (both IE & Chrome) are the biggest culprits. 
 
I could go on about how my issues with stability & security in the non-cloud world *dwarf* any issues with the cloud, but that already proves the point. AT lesat for me, the cloud is NOT the weak link here, its everything else. For me, the cloud is typically the one with 99.999% level stability.

 

[IVB]

btw as shown above, i have multiple levels of control. Many times I bypass Level 1 (cloud/voice) and go to level 2, such as its night time wife asleep next to me so I tap my phone to an NFC chip to trigger an action. Thats fully within the network.  It's not either all cloud or no cloud, you can have a hybrid setup.

 

[ano]

I've used IFTTT in a minor way for over a year and dynamic DNS to access cameras. Obviously not voice control since thats new. (See the Level1 vs Level2 above). Here are my experiences:

I don't think most people here are really talking camera monitoring on the cloud, or controlling your thermostat.  Obviously if you are outside your house, you have to access these somehow.  We're talking about the 1000's of operations my home control systems do everyday.  Control lights, locks, blinds, thermostat in response to time, motion, temperature, light, driveway sensors, etc.  Voice, O.K. but I for one don't see voice as very important for a "smart home."  If I have to tell it to turn on a light or open a shade, that isn't very "smart."

 

[IVB]

I don't think most people here are really talking camera monitoring on the cloud, or controlling your thermostat.  Obviously if you are outside your house, you have to access these somehow.  We're talking about the 1000's of operations my home control systems do everyday.  Control lights, locks, blinds, thermostat in response to time, motion, temperature, light, driveway sensors, etc.  Voice, O.K. but I for one don't see voice as very important for a "smart home."  If I have to tell it to turn on a light or open a shade, that isn't very "smart."

 
Again, its not an either-or. I don't think anybody here is suggesting migrating your entire rules/etc setup to the cloud, rather using it as the highest level form of alternative manual control.
 
Which is what I said above anyhow, using a smartphone app to turn on a light or open your shades isn't any smarter than using your voice, neither are actual home automation, they're home alternative manual control. Heck even if your home control system "automatically" turns on a light because you instructed the system to do something else (like turn off the projector), its also not "smart". Thats a macro, and a 10 year old universal remote control can do that. To me, smart means "the human didn't have to perform anything manual, the system monitors behavior and reacts accordingly".  Getting within 2 miles of my house according to cellphone GPS, resulting in the thermostat being raised and exterior lights turned on, is "automation" as it didn't require me to do anything.