pymyq
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Ubiquiti
-
Switch off bad TV settings
Another neat idea is to connect all “smart” equipment to an isolated vlan and separate wifi that can still be seen by your normal network devices.
For example if your wifi was called “Home”, an additional “Home-IoT” is for every device.
The IoT devices can then be set to not sniff your network, or even connect out if you want.
A good example of this is in this EdgeRouter setup guide, which is a pretty decent guide on how to plan a home network for more than just basic home browsing.
https://github.com/mjp66/Ubiquiti/blob/master/Ubiquiti%20Hom...
-
Home Assistant blocked from integrating with Garage Door opener API
One extra step I’ve learned to follow is to verify if needed, could the hardware be permanently redirected to a local server, and worst case reflagged with a different firmware or it can be redirected to remain local. The latter is sometimes easier if it’s a Tuya based device, which a lot of these unknown devices are.
https://github.com/make-all/tuya-local
One of the main things these “smart” devices do is use your internet connection. It’s wise to create a dedicated _IoT suffixed wifi which can’t access your network or devices, but at the same time your other devices can ping them.
How?
This is a pretty solid guide of a home network setup here. It can be running a $50 EdgeRouter X or translated to other devices.
https://github.com/mjp66/Ubiquiti
- Using the Ubiquiti EdgeRouter X and Ubiquiti AP-AC-LR Access Point
-
The NSA and CIA Use Ad Blockers Because Online Advertising Is So Dangerous
I followed this guy on Youtube and this guide on github to set up an Edge Router X. It was cheap and does all this, but was harder than I thought it would be to set up, even with a video guide.
pymyq
-
Home Assistant blocked from integrating with Garage Door opener API
Maybe my security background is shining through here. I guess we used to have "slashdotting" but that doesn't generalize well :)
I did do some napkin math to quantify how much that bad traffic may have been: HA estimates between 6857-25576 intallations of the MyQ integration. Let's say 16k clients. HA makes it really easy to detect and "add" the integration (which counts as an installation even if it's not configured), so, that's definitely not all clients hitting the API. Let's say it's 50%, so 8k actually using it. Most users just notice myQ is broken. Let's say some fraction retry, which would look the same as an extra user from a volume perspective. Call it an even 10k users (including repeat users).
The most recent change is after they broke everything past the OAuth dance. Let's say the OAuth request is 1kB. The retry code retries up to 5 times with exponential backoff. Let's say 5 requests over 10 min.
(5 requests / 10 minutes) * 1 request/user * 10k users = 5k requests/minute, or 83 per second, amounting to 83kB/s inbound.
There's no reason to assume those requests would synchronize, but I'm sure there's something (let's say every single myQ user updated at the same time).
If what they're saying is true, sounds like actually malicious botnet wielders can ransom the living daylights out of them. Given 1Tbs DDoS attacks they'd only need 6E-7 of the full bore ion cannon! ;-)
[1]: https://github.com/arraylabs/pymyq/blob/master/pymyq/request...
- Customizing and unsupported features via the API
- Myq Is Down Again What Should We All Replace It
What are some alternatives?
tuya-local - Local support for Tuya devices in Home Assistant
ratgdo
Pi-hole - A black hole for Internet advertisements
rat-ratgdo - Open source schematics for ratgdo PCB
esphome-ratgdo - ratgdo for ESPHome
privacytools.io - 🛡🛠 You are being watched. Protect your privacy against global mass surveillance.
secplus - A software implementation of the Security+ system used by garage door openers
OpenGarage-Firmware - OpenGarage: open-source WiFi-enabled garage door opener
elkm1 - Elk M1 Security and Automation Controller System, in Rust
myq - Go package and CLI tool for the Chamberlain / LiftMaster MyQ API