IoT Air Purifier Makes A Great Case Study In Reverse Engineering

Here at Hackaday, about the only thing we like more than writing up tales of reverse engineering heroics is writing up tales of reverse engineering heroics that succeed in jailbreaking expensive widgets from their needless IoT dependency. It’s got a real “stick it to the man” vibe that’s hard to resist.

The thing is, we rarely see a reverse engineering write-up as thorough as the one [James Warner] did while integrating an IoT air purifier into Home Assistant, so we just had to make sure we called this one out. Buckle up; it’s a long, detailed post that really gets down into the weeds, but not unnecessarily so. [James] doesn’t cloud-shame the appliance manufacturer, so we can’t be sure who built this, but it’s someone who thought it’d be a swell idea to make the thing completely dependent on their servers for remote control via smartphone. The reverse engineering effort started with a quick look at the phone app, but when that didn’t pay off in any useful way, [James] started snooping on what the device was talking about using Wireshark.

One thing led to another, wires were soldered to the serial pins on the ESP32 on the purifier’s main board, and with the help of a FlipperZero as a UART bridge, the firmware was soon in hand. This gave [James] clues about the filesystem, which led to a whole Ghidra side quest into learning how to flash the firmware. [James] then dug into the meat of the problem: figuring out the packet structure used to talk to the server, and getting the private key used to encrypt the packets. This allowed a classic man-in-the-middle attack to figure out the contents of each packet and eventually, an MQTT bridge to let Home Assistant control the purifier.

If it sounds like we glossed over a lot, we know — this article is like a master class on reverse engineering. [James] pulled a lot of tools out of his kit for this, and the write-up is clear and concise. You may not have the same mystery fan to work with, but this would be a great place to start reverse engineering just about anything.

Thanks to [ThoriumBR] for the tip.

Alarm Panel Hack Defeats Encryption By Ignoring It

As frustrating as it may be for a company to lock you into its ecosystem by encrypting their protocols, you have to admit that it presents an enticing challenge. Cracking encryption can be more trouble than it’s worth, though, especially when a device gives you all the tools you need to do an end-run around their encryption.

We’ll explain. For [Valdez], the encrypted communication protocols between a DSC alarm panel and the control pads on the system were serious impediments to integration into Home Assistant. While there are integrations available for these alarm panels, they rely on third-party clouds, which means that not only is your security system potentially telling another computer all your juicy details, but there’s also the very real possibility that the cloud system can either break or be shut down; remember the Chamberlain MyQ fiasco?

With these facts in mind, [Valdez] came up with a clever workaround to DSC encryption by focusing on physically interfacing with the keypad. The device has a common 16×2 LCD and a 25-key keypad, and a little poking around with a multimeter and a $20 logic analyzer eventually showed that the LCD had an HD44780 controller, and revealed all the lines needed to decode the display with an ESP32. Next up was interfacing with the keypad, which also involved a little multimeter work to determine that the keys were hooked up in a 5×5 matrix. Ten GPIOs on the ESP32 made it possible to virtually push any key; however, the ten relays [Valdez] originally used to do the switching proved unwieldy. That led to an optocoupler design, sadly not as clicky but certainly more compact and streamlined, and enabling complete control over the alarm system from Home Assistant.

We love this solution because, as [Valdez] aptly points out, the weakest point in any system is the place where it can’t be encrypted. Information has to flow between the user and the control panel, and by providing the electronic equivalents to eyes and fingers, the underlying encryption is moot. Hats off to [Valdez] for an excellent hack, and for sharing the wealth with the HA community.

Does Getting Into Your Garage Really Need To Be Difficult?

Probably the last thing anyone wants when coming home from a long day at work or a trip is to be hassled at the last possible moment — gaining entrance to your house. But for some home automation enthusiasts, that’s just what happened when they suddenly learned that their own garage doors had betrayed them.

The story basically boils down to this: Chamberlain, a US company that commands 60% of the garage door market, recently decided to prevent “unauthorized usage” of their MyQ ecosystem through third-party apps. Once Chamberlain rolled out the change, users of Home Assistant and other unauthorized apps found themselves unable to open or close their doors with the apps they were accustomed to.

Those of us with custom smart home setups can relate to how frustrating it is when something disturbs the systems you’ve spent a lot of time tweaking and optimizing. It’s especially upsetting for users who bought Chamberlain hardware specifically because it was supported by Home Assistant, only to have the company decide to drop support. This feels like false advertising, but we strongly suspect that buried in the EULA users must have agreed to at some point is a clause that essentially says, “We can do anything we want and tough noogies to you.” And if you read through the article linked above, you’ll get an idea why Chamberlain did this — they probably didn’t like the idea that users were avoiding their ad-spangled MyQ app for third-party interfaces, depriving them of ad revenue and the opportunity for up-selling.

We feel the frustration of these users, but rather than curse the darkness, perhaps this will light a candle of righteous rage that leads to a clever workaround. The Home Assistant blog article mentions a dongle called ratgdo, which should allow any door with plain old dry contacts to work via MQTT or ESPHome. It’s extra work that users shouldn’t have to put in, but maybe getting one over on The Man would be worth the effort.

Thanks to [KC] for the tip; please keep us posted on your workaround.

A hot tub with a smartphone in front showing real-time sensor data

ESP32 Keeps Track Of Hot Tub’s Vital Signs

Like swimming pools, hot tubs need regular monitoring to ensure their water stays clean and clear. An average person might take a water quality reading once or twice a week using test strips, but such a low sampling rate obviously won’t do for a hacker. [Stephen Carey] has therefore built a hot tub monitor that checks the water quality every minute and reports it on a neat mobile dashboard.

[Stephen]’s system uses commercially available sensors that track pH levels and Oxidation-Reduction Potential (ORP), both basic measurements that indicate water quality. A second set of sensors keeps track of the temperature of the water and the outside air, which should help in finding insulation failures and keeping energy use under control.

A set of graphs showing a hot tub's pH and ORP over time, with a significant spike in both near the beginning

An ESP32 reads the sensors and sends out the data through WiFi. [Stephen] programmed the ESP32 in MicroPython, using an MQTT driver to connect it to Home Assistant. By looking at the graphs generated, you can tell when someone entered the tub from a step change in pH and ORP. It’s even possible to generate alerts when any of the values drift outside their acceptable range – we can already imagine an alarm going off when someone enters without having showered first.

The system also has a calibration mode to check the sensors against a well-defined buffer solution. As with many chemical sensors, the pH and ORP probes gradually lose their active material and need to be replaced after about a year. Good ones aren’t cheap, but [Stephen] has found pretty decent low-cost alternatives on AliExpress that should be fine for a home setup.

If you also want your tub or pool to be actively managed, you’ll need a more complex system, perhaps even one that can also dispense chemicals. If your hot tub is heated by a wood fire, however, all you need is a way to alert the person tending the fire.

Litter Box Sensor Lets You Know Exactly What The Cat’s Been Up To

In our experience, there’s rarely any question when the cat uses the litter box. At all. In the entire house. For hours. And while it may be instantly obvious to the most casual observer that it’s time to clean the thing out, that doesn’t mean there’s no value in quantifying your feline friend’s noxious vapors. For science.

Now of course, [Owen Ashurst] could have opted for one of those fancy automated litter boxes, the kind that detects when a cat has made a deposit and uses various methods to sweep it away and prepare the box for the next use, with varying degrees of success. These machines seem like great ideas, and generally work pretty well out of the box, but — well, let’s just say that a value-engineered system can only last so long under extreme conditions. So a plain old-fashioned litterbox suffices for [Owen], except with a few special modifications. A NodeMCU lives inside the modesty cover of the box, along with a PIR sensor to detect the cat’s presence, as well as an MQ135 air quality sensor to monitor for gasses. It seems an appropriate choice, since the sensor responds to ammonia and sulfides — both likely to be present after a deposit.

Ventbot fans with 3D printed brackets and control circuit board with ESP32 breakout and multicolored 3D printed cases

Ventbots Are Fans Of HVAC And Home Automation

[WJCarpenter] had a common HVAC problem; not all the rooms got to a comfortable temperature when the heater was working to warm up their home. As often happens with HVAC systems, the rooms farthest from the heat source and/or with less insulation needed a boost of heat in the winter and cooling in the summer too. While [WJCarpenter] is a self-reported software person, not a hardware person, you will enjoy going along on the journey to build some very capable vent boosters that require a mix of each.

Ventbot control circuit board with ESP32 breakout in a red 3D printed case

There’s a great build log on hackaday.io here, but for those who need more of a proper set of instructions, there’s a step-by-step guide that should allow even a beginner hardware hacker to complete the project over on Instructables. There you’ll find everything you need to build ESPHome controlled, 3D printed, PC fan powered vent boosters. While they can be integrated into Home Assistant, we were interested to learn that ESPHome allows these to run stand-alone too, each using its own temperature and pressure sensor.

The many iterations of hardware and software show, resulting in thoughtful touches like a startup sequence that checks for several compatible temperature sensors and a board layout that accommodates different capacitor lead spacings. Along the way, [WJCarpenter] also graphed the noise level of different fans running at multiple speeds and the pressure sensor readings against the temperatures to see if they could be used as more reliable triggers for the fans. (Spoiler: they weren’t.) There are a bunch of other tips to find along the way, so we highly recommend going through all that [WJCarpenter] has shared if you want to build your own or just want some tips on how to convert a one-off project to something that a wider audience can adapt to their own needs.

Ventbot graphing of temperature, pressure, and fan noise

See a video after the break that doesn’t show the whole project but includes footage of the start-up sequence that tests each fan’s tachometer and the customizable ramp-up and ramp-down settings.

Ultimate Garage Door Control Does The Job Brilliantly

[Stephen Carey] had previously relied on an Insteon garage door controller, only to have it perform poorly and fail at integrating with Alexa properly. Thus, he did what any good hacker would do, and built his own system instead.

The garage door was first outfitted with a pair of reed switches to sense when it was fully open or fully closed. The drive sprocket of the garage door was also set up to be monitored with magnets and Hall effect sensors, essentially creating a rotary encoder. This allows an ESP32 to monitor the door’s direction of travel, its position, and when it has hit the end stop in either direction. Using MicroPython, [Stephen] whipped up some code to tie the garage door controls in with Home Assistant, complete with a neat visual display of the current door position.

There are millions of home automation products out there, many of which make annoying compromises that frustrate the end user. Sometimes, doing it your own way is the only way to get satisfaction!