esphome-ratgdo
pymyq
esphome-ratgdo | pymyq | |
---|---|---|
1 | 3 | |
302 | 112 | |
5.3% | - | |
9.4 | 0.0 | |
14 days ago | 7 months ago | |
C++ | Python | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
esphome-ratgdo
-
Home Assistant blocked from integrating with Garage Door opener API
ratgdo looks really nice! I've been controlling my garage door via dry contact on my Elk security system [1] and monitoring the door status via a separate rolling door reed sensor. [2] But from following the ratgdo link, I learned that my "Security+ 1.0" garage door opener has a RS-232 interface with a protocol that will tell you about door status and obstructions. That's better!
I just clicked the buy link on the ratgdo thing to support the nice, well-documented open-source [3] project. In truth though I have the right hardware sitting around here already, so I might just use that depending on how long the "back ordered" status lasts...
[1] There's a Home Assistant integration for the Elk M1 Gold with some Python library; I also have my own WIP Rust library for interacting with it here: <https://github.com/scottlamb/elkm1>
[2] something like this one: https://www.amazon.com/Gebildet-Security-Rolling-Magnetic-Ap...
[3] docs at <https://paulwieland.github.io/ratgdo/> but the actual code is in a separate repo at <https://github.com/ratgdo/esphome-ratgdo>
pymyq
-
Home Assistant blocked from integrating with Garage Door opener API
Maybe my security background is shining through here. I guess we used to have "slashdotting" but that doesn't generalize well :)
I did do some napkin math to quantify how much that bad traffic may have been: HA estimates between 6857-25576 intallations of the MyQ integration. Let's say 16k clients. HA makes it really easy to detect and "add" the integration (which counts as an installation even if it's not configured), so, that's definitely not all clients hitting the API. Let's say it's 50%, so 8k actually using it. Most users just notice myQ is broken. Let's say some fraction retry, which would look the same as an extra user from a volume perspective. Call it an even 10k users (including repeat users).
The most recent change is after they broke everything past the OAuth dance. Let's say the OAuth request is 1kB. The retry code retries up to 5 times with exponential backoff. Let's say 5 requests over 10 min.
(5 requests / 10 minutes) * 1 request/user * 10k users = 5k requests/minute, or 83 per second, amounting to 83kB/s inbound.
There's no reason to assume those requests would synchronize, but I'm sure there's something (let's say every single myQ user updated at the same time).
If what they're saying is true, sounds like actually malicious botnet wielders can ransom the living daylights out of them. Given 1Tbs DDoS attacks they'd only need 6E-7 of the full bore ion cannon! ;-)
[1]: https://github.com/arraylabs/pymyq/blob/master/pymyq/request...
- Customizing and unsupported features via the API
- Myq Is Down Again What Should We All Replace It
What are some alternatives?
OpenGarage-Firmware - OpenGarage: open-source WiFi-enabled garage door opener
ratgdo
rat-ratgdo - Open source schematics for ratgdo PCB
Ubiquiti
secplus - A software implementation of the Security+ system used by garage door openers
tuya-local - Local support for Tuya devices in Home Assistant
elkm1 - Elk M1 Security and Automation Controller System, in Rust
myq - Go package and CLI tool for the Chamberlain / LiftMaster MyQ API