I have recently enforced a better privacy practice for my smart home devices, which includes creating a new access point for those devices and blocking them from internet access with a VLAN.
Since then, my Yeelight minas ceiling lights go unavailable whenever I physically switch them off and turn them on afterwards.
One really stupid thing is that it needs internet access to use the LAN control feature. It's really, really dumb.
But at the same time, in this kind of age where everything wants to phone home, I need to somehow mitigate this in every possible way, such as by fooling the devices into thinking they have access to the internet.
Is this kind of thing possible?
Thanks!
For a camera I've got that I don't care too much about, I had to give it a ~50KB network connection out, and then it gets its handshake but doesn't have a good enough connection to actually upload video, and then all the local features stay working. Eventually I'll replace it, but it's monitoring a place that I don't care about too much, so it's low on the priority list.
Unfortunately, a light doesn't need much in the way of a connection to begin with, but if it needs some kind of handshake, maybe you can watch the traffic with Wireshark and whitelist that specific traffic, or see if someone else has done the work for it (a quick search didn't show anything for me, but I haven't gone in depth or anything).
Go Zigbee! I was very hesitant running a second wireless network next to wifi, but it's widely supported and totally cloud-free.
Yeah really. I keep hearing these tales of issues with poor network and what not…
I have literally over 120 devices in my network, ranging from the cheapest Tuya door/window sensors I could find (cause I needed thirty+!) to Inovelli switches, and it just works fantastic. HamGeek PoE concentrator. My only complaint is not being able to control the mesh more (tell certain devices not to be routers, force certain routes for end devices so they don't use routers that go down when the power is out). I will probably remedy that by adding a second concentrator.
That's not to say wifi with ESPHome and Tasmota aren't great. Far more powerful and flexible, and with a quality AP it can also support a ton of devices. I have easily four dozen devices running with no issues.
Your smart home has more computing power than my computer
That sounds really hard to do.
Basically you have to formulate the right responses that this device is looking for when it is communicating over the Internet.
My only idea is maybe you can capture the device's request and response using Wireshark and then use a dummy server to fire the same responses back to the device inside your VLAN. You'd also need to set a DNS to reroute the traffic properly. If the device is using encryption layers that's basically impossible iirc.
Basically you are looking to set up your own very basic MITM for that device.
Ikr. I hope it's just ICMP ping to whatever address or smth. I don't have in-depth knowledge of Wireshark so might be a tough journey.
Wireshark is the best way as it’ll show you exactly what’s going on; DNS addresses, traffic type, etc. (But not inside encrypted packets)
But to do that it (you) need to see all the traffic between the ceiling light and the internet, so if you’re on wifi and it’s on wifi, that won’t work.
Hopefully your router has the ability to either do a packet capture, or, mirror traffic to a physical port.
I seem to recall that a guy did do this once with a Google Chromecast, but he was an IT security professional of some kind, and that was years ago.
I seem to recall that same year reading about a network engineer who used their home's Nest thermostat to stop his wife from sleepwalking to the kitchen to eat and ruining her diet.
It's not that I think it can't be done, it's just that I think it might require you to either spoof responses or change the firmware in some way.
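For the capture step suggested above (router packet capture or a mirror port), here is an added example, not code from any poster in this thread, that lists which names a device looks up and which hosts and ports it contacts, so you know exactly what you would have to allow or answer locally. It assumes a classic little-endian pcap with untagged Ethernet/IPv4 frames (a capture taken on a VLAN trunk may carry 802.1Q tags, which this skips); the light's address, the other addresses and the domain name are constructed placeholders.

```python
import socket, struct
from collections import Counter

def dns_qname(dns):
    """First question name of a DNS query (queries carry no name compression)."""
    labels, i = [], 12                       # the name follows the 12-byte DNS header
    while i < len(dns) and dns[i]:
        labels.append(dns[i + 1:i + 1 + dns[i]].decode("ascii", "replace"))
        i += 1 + dns[i]
    return ".".join(labels)

def summarize(pcap, device_ip):
    """Return (DNS names queried, Counter of (proto, dst_ip, dst_port)) for device_ip."""
    if struct.unpack("<I", pcap[:4])[0] != 0xA1B2C3D4:
        raise ValueError("expected a little-endian classic pcap file")
    names, flows, off = [], Counter(), 24    # records start after the 24-byte global header
    while off + 16 <= len(pcap):
        incl = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                         # not untagged Ethernet/IPv4
        ip = frame[14:]
        l4 = ip[(ip[0] & 0x0F) * 4:]         # skip the IP header (IHL is in 32-bit words)
        if socket.inet_ntoa(ip[12:16]) != device_ip or ip[9] not in (6, 17) or len(l4) < 8:
            continue                         # keep only TCP/UDP sent by the device
        dst, dport = socket.inet_ntoa(ip[16:20]), struct.unpack("!H", l4[2:4])[0]
        if ip[9] == 17 and dport == 53:
            names.append(dns_qname(l4[8:]))  # DNS payload follows the 8-byte UDP header
        else:
            flows[("tcp" if ip[9] == 6 else "udp", dst, dport)] += 1
    return names, flows

# --- constructed sample capture (not real traffic; addresses and name are made up) ---
def _frame(src, dst, proto, dport, payload=b""):
    l4 = struct.pack("!HH", 40000, dport)
    l4 += (struct.pack("!HH", 8 + len(payload), 0) if proto == 17 else bytes(16)) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return bytes(12) + b"\x08\x00" + ip + l4
def _pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

LIGHT = "192.168.30.25"                      # assumed address of the light on the IoT VLAN
QUERY = b"\x12\x34\x01\x00\x00\x01" + bytes(6) + b"\x05cloud\x07example\x04test\x00" + b"\x00\x01\x00\x01"
SAMPLE = _pcap([_frame(LIGHT, "192.168.30.1", 17, 53, QUERY),
                _frame(LIGHT, "203.0.113.10", 6, 443), _frame(LIGHT, "203.0.113.10", 6, 443),
                _frame("192.168.30.40", "198.51.100.7", 6, 80)])
print(summarize(SAMPLE, LIGHT))
```

To use it on a real capture, read the file with `open(path, "rb").read()` and pass the bytes and the device's address to `summarize`.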
Matter is supposed to solve this problem. Unfortunately, a lot of implementations still phone home, at least during provisioning.
I disagree. Matter is going to make things even much worse in this regard.



