this post was submitted on 26 Nov 2023
2 points (100.0% liked)
Home Automation
79 readers
2 users here now
Home automation is the residential extension of building automation.
It is automation of the home, housework or household activity.
Home automation may include centralized control of lighting, HVAC (heating, ventilation and air conditioning), appliances, security locks of gates and doors and other systems, to provide improved convenience, comfort, energy efficiency and security.
Warning: Working with electricity can result in injury, property damage, or even death if it is not done properly. Please keep this in mind while assisting others. If you are not sure about what you are doing, hire a licensed professional.
Rules
- No abusive behaviour. This is a forum for friendly discussion; personal attacks will not be tolerated and you will be banned without warning.
- Referral/affiliate links are NOT ALLOWED!
- NO POLITICS! There are plenty of other communities to discuss them; this is not one.
- When posting project details must be included. Posting a video or image without detail will result in a removed post and may result in a ban.
- Crowdfunding links are not allowed.
- Reposts, low-effort content and karma farming may be removed at the discretion of the mods. Posters may be banned without warning.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Short answer: most likely not achievable 100%. Long answer: possible if the right conditions are met.
If someone tells you differently and provides a simple answer they most likely don't fully understand the problem.
There are only 2 ways to restrict traffic you either use a firewall or a proxy. firewalls work at the TCP/IP layer and proxies at http layer. Let's focus on IP layer because these apps likely use HTTPS and SSL pinning making it impossible to proxy their requests without modifiyimg the app and the TV.
To block it at the IP layer you need to know Netflix and Google IP addresses. Their services are highly dynamic and change IP addresses all the time.
Google provides a list of IP addresses. Netflix I'm not sure. Read this page until the end: https://support.google.com/work/android/answer/10513641?hl=en
You would need to scrape this information and update your firewall rules frequently to avoid it breaking. And this would not prevent access to other Google services.
I think this is all very impractical and you are likely to give up during the process. A more reasonable setup is to do something that gets you closer to the final goal but has some flaws.
You could block DNS resolution to all domains and only allow certain domains. This way only play store and Netflix domains could be accessed. This can be achieved by having a configurable DNS server like pihole https://pi-hole.net/.
This won't prevent your TV from accessing other services but it will tell your TV that they don't exist or that they are located in the wrong IP address and your TV will fail to connect.
But this is not perfect. If your TV has some hardcoded IP addresses or it uses a different protocol to resolve the domains it needs it will still be able to connect to external services.
If your safety was on the line this method would likely not be viable but because your likely trying to protect from some general chinese corporation data gathering practices or preventing someone in your house to use the TV for other means this should be enough.
This. Good writing. I would add that you need log collection additionally on top of it. That will help to determine what is the baseline (bare Hisense) ... then you deny-all and do whitelisting according your investigation and hunting. It can take weeks....
I'd recommend setting up the router so that "dns requests" are always forwarded to your pihole so that at least hardcoded dns servers are caught. Depends on the router how this can be done (if at all).