Can you actually access any of the doorbells on the internet with this? It reads to me like you need physical access to extract the signing keys etc over the debug port before you can actually impersonate the device
You could take a picture from the real footage, remove the people from it and insert yourself into the front yard. Then when they open the door act confused that you cant see them.
edit: my doorbell resets if you hold it down for 10 seconds then it takes wifi credentials with a QR code and thinks you are it's new owner.
I have a Reolink but haven't got to Home Assistant yet. I'm happy switching to that, but for less technical (though still digital savvy) spouses - how would you say the switch would be for them?
I'd say it depends on what you are trying to do. If it is simple device control and media playing and other stuff, then all you need is to update [dashboards](https://www.home-assistant.io/dashboards/) when you add/move devices and the users will find it pretty easy and straightforward. My parents are not extremely tech savvy but they find Home Assistant easy to use when I make the dashboards thoughtfully.
Making automations and scripts is getting easier every update, but it has a small learning curve as the logic can get complex and you sometimes need to know details like entity IDs or raw states. And there are some simple missing features that some people are very used to. Home Assistant is improving that sort of thing constantly, but sometimes the device APIs do not allow all functionality without the OEM apps.
For example, the two biggest camera-related things that are missing in my opinion is that the camera viewer does not allow zoom or two way talk. It uses the native browser media player, and on both a Samsung tablet and all iOS devices, this means that you cannot zoom and pan around the image. This is obviously not an issue if you embed a dashboard such as Frigate into the HA UI, which IIRC supports both two way talk and zoom. But YMMV.
Basically what they said but you can do two way talk too! For me Frigate is the way to do cameras and there is a HA addin which does take a bit of configuring but there are loads of decent docs.
Home Assistant is quite a beast but start off simple and work on. It will repay you every step of the way. The first hurdle is to get it on the internet and usable via the app. Get that sorted and you are well on your way.
Make use of dynamic DNS to register a name to IP address and Lets Encrypt to sort out a SSL cert. There are add ins for both of those.
You can also subscribe to Nabu Casa and external access and a few other things will be taken care for you. 31 day trial and https://www.nabucasa.com/pricing/
Funny thing, that. They actually have Activation Lock (of sorts).
I regret it now but a few years back someone had moved into a home, dumped their Ring doorbell that came with the house, and we shoved it on our house. When we went to set it up Ring blocked the setup attempt because it was account bound.
... Apparently if you call Ring to release it (they can), frontline CS can see the entire log of when the doorbell was online, when it was last rung, and used that information to go "oh, it hasn't been rang in like eight months" to decide that I wasn't some criminal and that I can set up the doorbell myself.
You might if it were drastically more convenient. I seem to have somehow acquired nearly 1 imperial pound of documentation for every year I've been alive. That's just estimating based upon the weight of my panda file box next to my desk.
There's a lot in there, rental contracts, policy documents, w2 forms, that I might actually benefit from having scanned and digitally available on my computer. I feel that being able to search through these documents would have saved me some amount of trouble over the years.
Hell, if it were easy enough, I might actually scan all those receipts I bring home and then throw away.
You don't do much bureaucracy in your personal life (mortgages, moving around, children, or just keeping things as they are). I do similar things few times per year on average, and I don't do anything exceptional.
Plus living in a village, closest printing shop is maybe 10 minutes by drive. Scanner and good printer is a basic need in 2026.
I moved 5 times between 2015 and 2021 (air force), during which time I bought and sold houses at each move, have two kids in school, and I've never had to scan documents.
Awesome, as it doesn't actually work from the street door right now, and I can't get the condo management company to fix it. Guess I just need to post a QR code outside?
An attack that could remotely ring my old-fashioned hard-wired doorbell would be really cool to read about. It's the classic electromechanical style with an AC line transformer wired directly between the chime & the button.
OT: do many people who come to your door actually ring your doorbell? 95% of people who come to my door, which has a doorbell and does not have a knocker, knock.
Do people just prefer knocking nowadays? Have Ring type doorbells become so common that people don't realize that a simple pushbutton beside the door with no camera can be a doorbell?
If you want to do some fun hacking project, Temu and similar websites are a trove of insecure cheap IoT devices made with almost 0 security consideration. Security camera, car chargers, sport tracking devices, etc.
If you are a bad actor, that is also probably a very easy way to find new ways to enroll devices in your botnet.
Anyone is probably a hyperbole here, regardless its accessible via internet, it is always in the category of relatively secure. Applies to pretty much every device connected to internet. Absolute security is a myth, it does not exists.
One can argue that a particular manufacturer is relatively more secure than other, however as long as the software is changing/evolving, eventually it will opens up the possibility/window to hack it
While true in general, this devices approach to security is an open doorway with a curtain in it to prevent access with they key hanging next to it in case there accidentally is a door. The security footprint is so low it should be called out as non existent.
I'd like my doorbell camera to have a cat detector and a meow detector so when my cats meow at the door, it rings the doorbell. My cats have gps collars and distinctive fur and meows, so it could double check so other cats can't spam me. That way each cat could have its own distinctive ring (like their distinctive meow, amplified).
I find it completely unreadable and give up within a paragraph or 2 every single time.
I say that as someone who uses LLMs daily too, and isn't a hater of them. Nothing wrong with using an LLM to help come up with content wording or to proof-read your writing etc etc, but just copy-pasting LLM output directly into a blog is lazy and instantly signals that it's not worth my time to read it.
> These are exactly the kinds of sentences that would have gotten us outstanding grades as students of the language.
You're abusing "us" here. There are billions of ESL learners, and the group you're part of who receive outstanding grades for that kind of sentence makes up a tiny percentage. The overwhelming majority would not.
Mine too. Not only that, the breaker for the transformer is switched off because the postman used to come right as my then-2-year-old was going for his nap. He's nearly 6 now and has not had an afternoon nap for a long time, and at some point I'll flip the breaker back on when I'm getting my jacket out of the hall cupboard.
But I didn't do that yesterday, I don't think I'll do it today, and it's not looking good for tomorrow either.
Since i like tech, once i was also interested in a smart doorbell or lock. My wife very much disliked the idea, because she thought it could prevent us to even enter our own house when the tech fails.
Then one day i watched my neighbour trying to get into his own house, because his smart lock and doorbell system failed horribly. This took several hours. It started raining. I learned a lot of new swear words from my neighbours wife which were directed to her husband.
This is a security concern as well. I'd argue even worse than the internet connected ones. Anyone at your front door (or where the button is) can easily know if you're at home, and take advantage if you're not. With the internet connected ones, you can always pretend.
I don’t think anyone is fooled into thinking people are home when the home owner “answers the door” via their internet connected doorbell.
If anything, I’d say that’s a bigger give away than someone not answering a traditional door bell given people used to not hear them even when home, all the time (particularly in bigger houses).
I would have thought this but was amazed at the number of times people would think I was home while talking to them via my doorbell. I have neighbor that told people I was rude to not come to the door and didn’t know I was talking to her from work.
How long ago was that? Was this when smart doorbells were brand new tech?
I could understand peoples misconception back when such door bells weren’t known about so the default assumption people might have is that it was an intercom.
The neighbor was 2022 or so but even more recent people have seemed a bit confused. I think having a car in the driveway makes people think we are home.
From my experience with package delivery I can tell you this is not how it works. Press the button, door doesn't open that instance, ergo no one is home.
My home office is in the other end of the house, it takes ~20-30 seconds for me to get to the door. That is more time than UPS grants you.
reply