this post was submitted on 20 Apr 2026
1290 points (96.8% liked)
Programmer Humor
31064 readers
2745 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I work in IT, been a software developer for decades.
I have a full on smart home, all the smart tech you can imagine. All connected and running locally via home assistant.
Smart tech isn't bad, shitty tech is.
"Why are you sitting in the dark?"
"AWS is down 😞"
Same for me. I don't really like to expose my home and I don't understand how people are so eager to plug in shady WiFi stuff into their network. I've got one "smart" device with WiFi connectivity I've allowed to connect to my network, but I've disallowed going online and I've put it into a different vlan.
Friend of mine: "let's set up a camera in our bedroom to check on on the dog when we're away."
The one thing I will never use a smart device for is my door lock. I don't understand how tech literate people really trust that.
I was considering a smart lock for my (armored) front door, but just because there are some locks manufactured here in Italy that can be set to be controlled by external contacts.
Which means I could use and ESP or similar with esphome, now they also support wired, ethernet ones.
That's way more secure than the shitty lock I have now, I've seen videos of people picking that with a decoder device in 30 seconds.
Locks are not secure anyway and even if it is the most secure lock ever built may I present a window. Most break ins at least when I did home alarms where smash window right beside door and unlock it.
True as well, but a broken window or a lockpick my neighbors might be interested in.
Again, my door is armored and I live in an apartment high up enough that climbing, while possible, is challenging.
Together with non-flashy vehicles and the complete absence of anything valuable (besides RAM!), we're not an interesting target. Even if someone broke in they'd have to be an electronics enthusiast to find anything worth stealing.
I have a couple WiFi devices for smart home like some TVs and thermostat. All blocked from WAN access and used for local control.
I’m gonna guess that you put a decent amount of time into figuring out a good set of smart home products and maybe even put some effort into looking up which products play well together and what configurations are ideal.
And that’s great if you enjoy shopping for, setting up and maintaining all those toys. But we all know there is too much shitty tech out there to think that it’s a good idea to grab a bunch of smart home stuff at Best Buy one afternoon and just plug it all in and call it good.
I think the thing is, folks in tech are less likely to be cool with, for example, exposing their door locks on the internet without doing a decent amount of due diligence. You have to want it enough to put in the work to make sure you have something that you can feel is secure, smooth operating and meets your personal privacy expectations. It kinda has to be a minor hobby. Which is cool if you happen to enjoy it or get enough joy from the result to make it worthwhile.
For me, I have enough hobbies and pastimes. I’ll put in the effort when the payoff is high, like for a home media server. But there’s no way in hell I’m signing up for future chores and headaches just so I can control my window curtains from my phone.
Nope ZigBee or zwave cool. Not that hard. Next work offline with home assistant OK.
The key thing is you have exclusive root access to all of it and spend time on admin.
as a hardware iot security person, that is possible but too much attack surface to manage
ZigBee, Z-wave and Thread have virtually 0 attack surface from an IoT perspective, and even then what are they gonna do, do radio hacking to turn off and on my lights? It's not like they can be used in a botnet.
Locks is a bit more risky as an endeavor, but again, it's probably easier to pick the lock than hack it... Actually with the quality of many smart locks, smashing them is easier still.
Smart TVs are way more problematic devices for example, as soon as they stop receiving updates, you have a bunch of high-speed internet connected devices with unresolved exploits just sitting there waiting for the right chance.
ive used smart light bulbs in a botnet before. and if you do a teardown on one of those locks you can probably get the firmware and uart to get the unlock function which you could use theoretically to unlock every single one
Yeah that's why I never mentioned WiFi ones. Which can still be secured by not letting them access the rest of the network or the internet. That's what we do in industrial automation, security standards for PLC software tend to suck, but that's irrelevant if it can't be reached.
I don't see how that's relevant for a lock that's inside an armoured door, it's only accessible by disassembling the door, at which point unlocking it is moot.
Hear hear.
I feel the meme in the post is created by someone pseudoilliterate in technology. But I can guaranty you they have a smart TV connected to the same WiFi as all their computers and maybe a nas or home server.
Setting up zwave or ZigBee networks is not an attack vector.
Ditto. A smart home that can operate even if the Internet is offline was one of my core goals setting this up. And save for a few exceptions, I accomplished it. It's so jarring now to go on vacation and not have all this automation.
This is exactly the line of thought I think people aren't seeing as the gap. Y'all are too comfortable expecting the internet to be on 24/7. Or the power, for that matter.
If Cloudflare shits the bed again, are your lights stuck on or off? Can you not turn up the heat? We're in a period of history where things will bet worse, not better. The last thing I want is "error: can't connect to internet" being why you can't turn the things you can touch in your house on and off. I get it if you've managed to do the work to have it all locally hosted, but just as-is seems like a bet against one's self.
When the power is off chances are that whatever is integrated is degraded anyway. And for actuators just choose some that fail gracefully and allow manual handling. For the rest use HA as much as possible, favour local integrations with no cloud dependencies… and when there are dependencies than make sure the override is available physically (looking at my vaillant HP). Then stack UPSes or even better home grade batteries (my next endeavour) and have backup connectivity to internet and you’re a peachy as can be.