rat-ratgdo
pymyq
rat-ratgdo | pymyq | |
---|---|---|
2 | 3 | |
290 | 112 | |
- | - | |
9.6 | 0.0 | |
about 2 months ago | 7 months ago | |
HTML | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rat-ratgdo
-
Home Assistant blocked from integrating with Garage Door opener API
You may actually need a little bit of extra information to recreate the little PCB board that the ratgdo software relies on to interface the espressif to the terminals of your opener.
It's not terribly complicated but for reasons that are polarizing to many in the garage-door-automation society, the author of the software, although leaving the code completely open source is averse to publishing schematics for the PCB board itself, so others have had to step in and reverse engineer these.
I believe, although I have not verified because I haven't tried this myself, that this site provides both the schematics you need as well as information necessary to Flash the software onto your ESP device.
https://github.com/Kaldek/rat-ratgdo/tree/main
pymyq
-
Home Assistant blocked from integrating with Garage Door opener API
Maybe my security background is shining through here. I guess we used to have "slashdotting" but that doesn't generalize well :)
I did do some napkin math to quantify how much that bad traffic may have been: HA estimates between 6857-25576 intallations of the MyQ integration. Let's say 16k clients. HA makes it really easy to detect and "add" the integration (which counts as an installation even if it's not configured), so, that's definitely not all clients hitting the API. Let's say it's 50%, so 8k actually using it. Most users just notice myQ is broken. Let's say some fraction retry, which would look the same as an extra user from a volume perspective. Call it an even 10k users (including repeat users).
The most recent change is after they broke everything past the OAuth dance. Let's say the OAuth request is 1kB. The retry code retries up to 5 times with exponential backoff. Let's say 5 requests over 10 min.
(5 requests / 10 minutes) * 1 request/user * 10k users = 5k requests/minute, or 83 per second, amounting to 83kB/s inbound.
There's no reason to assume those requests would synchronize, but I'm sure there's something (let's say every single myQ user updated at the same time).
If what they're saying is true, sounds like actually malicious botnet wielders can ransom the living daylights out of them. Given 1Tbs DDoS attacks they'd only need 6E-7 of the full bore ion cannon! ;-)
[1]: https://github.com/arraylabs/pymyq/blob/master/pymyq/request...
- Customizing and unsupported features via the API
- Myq Is Down Again What Should We All Replace It
What are some alternatives?
secplus - A software implementation of the Security+ system used by garage door openers
ratgdo
esphome-ratgdo - ratgdo for ESPHome
Ubiquiti
tuya-local - Local support for Tuya devices in Home Assistant
elkm1 - Elk M1 Security and Automation Controller System, in Rust
OpenGarage-Firmware - OpenGarage: open-source WiFi-enabled garage door opener
myq - Go package and CLI tool for the Chamberlain / LiftMaster MyQ API