

Fortunately there are plenty of Zigbee dongles that are compatible with HA, and just as fortunately they will all support Aqara sensors using MQTT with very little effort.


A Supermicro 5018A-FNT4 with 16GB RAM. HA takes up about 25%, the rest is InfluxDB and Grafana.


note that a lot of IR devices now blast a whole bunch of different codes for each button press, so they can control more devices with the same remote.
If you’re capturing from the remote and it seems like the code changes each time, you might need to capture it all and play back one code at a time to work out which one is for your device.


If you have to open it up, then you can at least allow-list IP addresses through your firewall so it’s not everyone who gets full access.


The year is 2006. A WordPress vulnerability allows attackers to create admin accounts.
The year is 2016. A WordPress vulnerability allows attackers to create admin accounts.
The year is 2026…


was this today? I also need half an hour or so to get going on a friday.


ah yeah I meant to type “enable”.
thanks - changed


they’re all attack attempts. set up fail2ban, enforce SSH key-based authentication, run it on a non-standard port and create firewall allow lists for trusted users, networks or countries if you can. make sure everything is patched frequently.
expect consequences for running onion hidden services - captchas and denied service for that IP address, but also attacks against the hidden service itself.


Tuya devices are super cheap, often sold as massive loss leaders and frequently rebadged as other brands (MOES comes to mind, as well as lots of “iThing” type brands).
It is not surprising at all that lots of folks eschew the mobile app and use HA to control them. Also the Local Tuya integration is difficult to use and often doesn’t work at all.


There’s also this cool Zigbee IR blaster device that can learn the IR codes and then fire them out from HA if you don’t have the stomach for ESPHome.


I bought an LG commercial display, which was roughly double the cost of an equivalent LG TV.
It’s awesome, it has 2x HDMI inputs and no smart features at all. It is supposed to go in video walls (big arrays of tiled TVs) so it doesn’t need all that AI stuff.
Control is via RS232, so I soldered a connector onto an ESP-32 and installed ESPHome on it to control power, volume and screen.
A soundbar isn’t quite right for me, but again I would recommend something with RS232 and use an ESP-32 (if you like hacking) or a commercial RS232-to-Ethernet adapter (like this) if you don’t.


I use the Hive integration and just let the Hive stuff do its work, monitoring via Home Assistant occasionally. My setup is the Hive thermostat, boiler relay and the hub.
I went down a rabbit hole of TRVs, automations, Shelly relays talking to the boiler, Zigbee thermometers everywhere, and it got complicated. Ultimately the big risk was the system getting stuck or in a state where the boiler would be on all the time and cost a fortune, so I got rid of it all.
If Hive no longer meets my needs I know I can just pair the hardware to my Zigbee network and stop using the cloud service.


local control via wifi or zigbee, nothing that connects to the internet.
there’s a good tutorial to host ollama and a vector database here


Have a look at the LinkedGo wall thermostats. They have Shelly chips inside so rock solid and great compatibility with HA.


maybe just a window/door sensor that uses a magnet to detect closure?


Apollo Automation


They’ll have lost the source code for all the enterprise plugins (SAP, Salesforce, etc etc) they have, all the infrastructure as code and provisioning code to run their software in Grafana Cloud, all their closed source code for apps like IRM that were never open source, and probably a load of expensive source code they acquired through partnerships with companies like WarpStream.
So yeah, probably a six or seven figure loss. In particular the IaC means the attackers can spend tokens to find possible cloud vulnerabilities that will allow them to attack the cloud product, maybe even steal customer data.