Posts: 191 | Thanked: 271 times | Joined on Mar 2015 @ Germany
#1
At home I have a robot vacuum cleaner, a Vorwerk VR200 with WLAN.
I managed to connect it with my Jolla via an Android app called
"Kobold Robot".
What I don't like is that the app connects to Neato servers; I can't
connect to my robot directly from my Jolla.

Now I searched the web and I am really sure that my robot is similar
to the robots from Neato.
For Neato robots I found a Python script here:

https://github.com/stianaske/pybotvac

Is there anybody who could make an "app" from this, or somebody who can tell me how to use the script?

 

The Following 3 Users Say Thank You to monkeyisland For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#2
You may be surprised but that Python script you found also controls the robot via the Neato cloud. You can check it yourself.

I am afraid it is the common solution for many IoT (Internet of Things) implementations. I have not seen any robot vacuums yet but I have been involved in other IoT solutions. There is nothing sinister about it, it is simply the easiest solution. The device regularly "calls home" to check if there is a new command pending. The customer uses a remote control "app" that simply makes sure the command is ready by the next time the device checks in. It is the simplest solution from the device firmware's point of view. The device does not need to know anything about its surroundings and does not require any setup that would confuse and scare away 99% of customers. All it needs to know is its own ID and the URL of the central server.

There may be a command telling the device to check in with a different server, but then you would need to implement that server yourself. There may also be a way to talk to the device locally. Try finding out the robot's IP address and then navigate to that address with your browser. It may present you a "config" page. But I doubt this could be used for a direct control. More likely for things that do not change often, like configuration or a firmware upgrade.
__________________
Russian warship, go fuck yourself!
 

The Following 7 Users Say Thank You to pichlo For This Useful Post:
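
The check-in pattern described in post #2 shows up on the home network as outbound connections at a near-constant interval. As an added example (not part of the thread and not pybotvac code), this Python snippet flags such pollers in a connection log; the log format, addresses and host names are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: "epoch_seconds src_ip dst_host", one outbound
# connection per line. All addresses and host names are made up.
SAMPLE_FLOWS = """\
1000 192.168.1.50 cloud.vendor.example
1004 192.168.1.20 news.example
1060 192.168.1.50 cloud.vendor.example
1071 192.168.1.20 cdn.example
1119 192.168.1.50 cloud.vendor.example
1181 192.168.1.50 cloud.vendor.example
1190 192.168.1.20 news.example
1240 192.168.1.50 cloud.vendor.example
1455 192.168.1.20 news.example
"""

def parse_flows(text):
    """Group connection timestamps by (source, destination) pair."""
    pairs = defaultdict(list)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip blank or malformed lines
        ts, src, dst = fields
        pairs[(src, dst)].append(float(ts))
    return pairs

def find_pollers(text, min_events=4, max_jitter=0.1):
    """Return {(src, dst): mean_interval_seconds} for pairs that connect
    at a near-constant interval (stddev / mean of gaps <= max_jitter)."""
    pollers = {}
    for pair, times in parse_flows(text).items():
        if len(times) < max(min_events, 2):
            continue  # too few connections to judge periodicity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            pollers[pair] = round(avg, 1)
    return pollers

if __name__ == "__main__":
    for (src, dst), interval in find_pollers(SAMPLE_FLOWS).items():
        print(f"{src} checks in with {dst} about every {interval:.0f}s")
```
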
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#3
I agree with @pichlo that the given scenario is the one most widely used by any appliances that are "internet enabled"; however from my point-of-view it is just as badly flawed as could be!

Even if there were no sinister ulterior motivations from the manufacturer, who so wants to become more of a service operator than just a purveyor of HW, I'd feel extremely uncomfortable allowing it.
It's an intrusion to my home if external parties can access the information provided by appliances and potentially control them and/or upload firmware or configuration to the devices.

What I'd do is to try to figure out the protocol that the device wants to communicate with homebase and write my own counterpart for it, running it locally and diverting the traffic from the device to it.
 

The Following 5 Users Say Thank You to juiceme For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#4
Originally Posted by juiceme:
I agree with @pichlo that the given scenario is the one most widely used by any appliances that are "internet enabled"; however from my point-of-view it is just as badly flawed as could be!
I would not necessarily call it "badly flawed". Just "naively implemented". There are a lot of advantages that solution brings, resulting in a simpler implementation. Not only for the manufacturer, but also for the user. You may have the know-how to talk to the thermostat in your bedroom from your phone on the beach on Ibiza but my sister does not. She needs a device that talks to a central server and a phone app talking to the same server. There are a million people like my sister for every juiceme.

Of course there are disadvantages too! For example...

Even if there were no sinister ulterior motivations from the manufacturer, who so wants to become more of a service operator than just a purveyor of HW, I'd feel extremely uncomfortable allowing it.
...this is one of them. It is not so much that the manufacturer "wants" to be the operator, it is more like he is "forced to become" one. In many cases the roles of "HW purveyor" and "service operator" are separated. An obvious example is smart meters: in such cases, the "service operator" is your utility company, not the meter manufacturer.

One obvious disadvantage for the operator is the additional load on supporting such devices. At the very least maintaining the server and keeping the SSL certificates, both on the server and on the end devices, up to date. One obvious disadvantage for the customer is that if the manufacturer goes out of business, your otherwise perfectly fine device may stop working.

It's an intrusion to my home if external parties can access the information provided by appliances and potentially control them and/or upload firmware or configuration to the devices.
That is a valid concern and one that comes down to trust.

What I'd do is to try to figure out the protocol that the device wants to communicate with homebase and write my own counterpart for it, running it locally and diverting the traffic from the device to it.
That may be tricky if the protocol involves encryption (and if it does not, I would steer clear of it like from a rabid fox). I can see https in the Neato server's URL in that Python script, which probably means cryptographically sound, but difficult to RE.

Why would anyone want an internet enabled vacuum cleaner anyway?
__________________
Russian warship, go fuck yourself!
 

The Following 3 Users Say Thank You to pichlo For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#5
Originally Posted by pichlo:
I would not necessarily call it "badly flawed". Just "naively implemented". There are a lot of advantages that solution brings, resulting in a simpler implementation. Not only for the manufacturer, but also for the user. You may have the know-how to talk to the thermostat in your bedroom from your phone on the beach on Ibiza but my sister does not. She needs a device that talks to a central server and a phone app talking to the same server. There are a million people like my sister for every juiceme.

Of course there are disadvantages too! For example...

Originally Posted by juiceme:
Even if there were no sinister ulterior motivations from the manufacturer, who so wants to become more of a service operator than just a purveyor of HW, I'd feel extremely uncomfortable allowing it.
...this is one of them. It is not so much that the manufacturer "wants" to be the operator, it is more like he is "forced to become" one. In many cases the roles of "HW purveyor" and "service operator" are separated. An obvious example is smart meters: in such cases, the "service operator" is your utility company, not the meter manufacturer.
These things are the warning signals; when the services are both meant to be used by everybody's second cousins and the service provider is not working in their core competence area, it is a valid recipe for a disaster!

There is no such thing as an unbreakable networked system, and the more closed the system is the more vulnerable it becomes. When a system is to be both idiot-proof and tamper-resistant while at the same time it leverages the whole bloody internetz as a connectivity method it is going to be really difficult and really expensive to specify, implement, test and maintain.

It is going to be eyebrows-raisingly expensive even to huge corporations like in automotive and telecom businesses where they have the incentive to do it correctly and dilute the cost of the system around their already large R&D expenses.
It is absolutely impossible that some household-appliance company can resource it to make it correctly.

tl;dr: blackhats are going to walk in and out of your house and you will never know about it
 

The Following 3 Users Say Thank You to juiceme For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#6
Which brings me back to my question. Why would anyone want an internet enabled vacuum cleaner?
__________________
Russian warship, go fuck yourself!
 

The Following 3 Users Say Thank You to pichlo For This Useful Post:
mrsellout's Avatar
Posts: 889 | Thanked: 2,087 times | Joined on Sep 2010 @ Manchester
#7
With apologies to monkeyisland for going further off topic, there's at least a couple of posts on Matthew Garrett's blog about IoT and how poor the security is on them:

Blog:
http://mjg59.dreamwidth.org/
I bought some awful light bulbs so you don't have to
https://mjg59.dreamwidth.org/40397.html
I've bought some more awful IoT stuff
http://mjg59.dreamwidth.org/43486.html
 

The Following 2 Users Say Thank You to mrsellout For This Useful Post:
peterleinchen's Avatar
Posts: 4,117 | Thanked: 8,901 times | Joined on Aug 2010 @ Ruhrgebiet, Germany
#8
Originally Posted by pichlo:
Which brings me back to my question. Why would anyone want an internet enabled vacuum cleaner?
Do you not see the use case?
Your Android/Imer knows where you are and when you come back home. It/IoT also knows about wind and sun and atom states and can use energy whenever it is available. And you are not at home, so not disturbed.

I could go on and on. But I do not really like to.
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!

Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257

editsignature, http://talk.maemo.org/profile.php?do=editsignature
 

The Following 2 Users Say Thank You to peterleinchen For This Useful Post:
Posts: 191 | Thanked: 271 times | Joined on Mar 2015 @ Germany
#9
So I read the previous posts.
I think I don't want the machine "calling home" to Neato servers.
The machine works great enough without connecting to the web.
The timer function in the machine is enough.
 

The Following 3 Users Say Thank You to monkeyisland For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#10
Originally Posted by peterleinchen:
Do you not see the use case?
Your Android/Imer knows where you are and when you come back home.
Yes, I can see why someone might want to sell you one. My question was, why would you want to buy one?
__________________
Russian warship, go fuck yourself!
 

The Following 2 Users Say Thank You to pichlo For This Useful Post: