zlacker

[parent] [thread] 3 comments
1. byb+(OP)[view] [source] 2026-01-12 05:21:09
My biggest source of paranoia is my open home assistant port, while it requires a strong password and is TLS-encrypted, I'm sure that one day someone will find an exploit letting them in, and then the attacker will rapidly turn my smart home devices on and off until they break/overheat the power components until they start a fire and burn down my house.
replies(2): >>seszet+N >>wao0uu+pi
2. seszet+N[view] [source] 2026-01-12 05:28:16
>>byb+(OP)
That seems like a very irrational fear. Attackers don't go around trying to break into Home Assistant to turn the lights on at some stranger's house.

There's also no particular reason to think Home Assistant's authentication has to have a weakness point.

And your devices are also unlikely to start a fire just by being turned on and off, if that's your fear you should replace them at once because if they catch fire it doesn't matter if it's an attacker or yourself turning them on and off.

replies(1): >>timc3+Il
3. wao0uu+pi[view] [source] 2026-01-12 08:16:55
>>byb+(OP)
Why expose HA to the internet? I’m genuinely curious.
◧◩
4. timc3+Il[view] [source] [discussion] 2026-01-12 08:43:03
>>seszet+N
People are putting their whole infrastructure onto HA - cars, Apple/Google/other accounts, integrations to grid companies, managing ESP software etc..

I think that has more potential for problems than turning lights on and off and warrants strong security.

[go to top]