Hi everyone. Before anything else, I would like to mention that I do not plan to expose absolutely anything to the internet other than using a VPN, and that’s if necessary.
Now, if I understand it correctly, ZigBee compatible devices need a controller attached to the computer to decipher messages? Since we are talking about security, it seems that the ZigBee network has its own encryption technology.
Coming to WiFi which was my original plan, we have established protocols like WPA2. I had intended for all of my IoT devices to be locked in a separate VLAN with no external access.
Which one of them do you think is better for privacy and longevity? I am going to use the basics such as lights, temperature/motion sensors (would like to flash with custom firmware like Tasmota if possible) - alongside some custom devices, which would also be programmed from scratch (ESP32 based). The problem I have with the devices from the latter proposition is that I have to keep on top of security trends myself, but I suppose that’s the trade-off one makes with custom devices.
Please tell me what you use at home and why, between Zigbee and WiFi?
The communication method doesn’t mean anything security wise. Here’s a simple example.
Device #1 is an ESP32 based WiFi device with your own firmware. It won’t phone its Chinese parent company every hour because you made the firmware yourself. It’s no less secure or more wrong than using your phone hooked to your WiFi.
Device #2 is a ZigBee device. It doesn’t have any connection to the internet. But you need a hub to interact with it and you decide to use Amazon Echo for simplicity. Now your house is fully owned by Bezos.
You need to inspect every device to see if they suit your needs.
ZigBee devices use less power, which means if they’re battery powered, it can last longer than wifi devices. It has faster handshake too. it can wakes up from sleep and transmit data in less than a second, while a WiFi devices may need several seconds to connect to your AP if it has been sleeping for some time. The difference in latency is really noticable for stuff like door sensor or movement sensor where the device may be sleeping for extended amount of time. But if you build your own device using esphome, I guess there is no option but to use wifi.
As for security, if they’re both offline, is it really matter?
Are you planning to write your own code for them? I have been looking at ZigBee, especially support to write custom code and push out OTA updates to devices. Whilst I’m not very clear on the matter, I think with certain devices it is definitely possible, and support seems to be getting better recently.
Please let me know about your ideas for your setup and what you’re buying/using/creating!
Damn you’re right! Too bad they’re not available in my country yet. I might be able to import one but with shipping and import tax it might ended up 10x more expensive than ordinary esp32 sold here.
Lots of people instantly think of security when they look at WiFi-connected IoT devices, but oftentimes they never think of the WiFi signal itself - what with all the added communication noise and send time limitations of having lots of small devices.
Especially with regular consumer equipment, it doesn’t actually require that many devices to fully saturate a regular home router or AP.
That’s a good point. Another one I have is sort of failure tolerance. I used to have a really unreliable router which would often crash and could only be reset using a full power reset. While it was in this state, wifi obviously stopped working but my zigbee devices where still available. I used to have a zigbee button linked to a smart plug for toggling my router off and on again.
This shouldn’t be a concern for most people obviously but I wanted to share my experience.
Another point I want to mention is that zigbee works at 2.4Ghz just like basic wifi so they can still interfere with each other.
Zwave on the other hand uses another frequency (I think it was around 860MHz) but is more expensive.
Do you think I’ll be able to use 915Mhz (I’m in the US) for ZigBee devices using the Sonoff controller and IKEA devices/custom devices? Or is it reserved for specific purposes?
Isn’t Zigbee always on 2.4GHz regardless of country? Trying to shift the frequency to 915MHz for all devices sounds like a lot of work with questionable benefit
Well, theoretically yes but it doesn’t continuously send data and both WiFi and Zigbee also allow for operation on various channels. Does your neighbors WiFi interfere with yours?
Also, most WiFi devices now support 5GHz WiFi anyway so it’s even less of an issue anymore. The bigger problem would probably be WiFi interfering with ZigBee. But again, that can be resolved by changing the channels.
My apologies, I needed to read up on the encryption that ZigBee uses a bit more. I have confidence that anyone snooping on the RF emanating from my flat will very likely not be able to decrypt ZigBee traffic (for that network will likely contain sensitive information). Some of my devices will likely transmit close to all the time (humidity sensor for a plant, for example), I’m hoping such traffic can mask the other more sensitive traffic, like of infrared sensors set up to react to opening the door, as an example.
Can I use ZigBee at another frequency than 2.4Ghz? I noticed that the US has another operational frequency for ZigBee but I don’t see it discussed very often
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
The communication method doesn’t mean anything security wise. Here’s a simple example.
Device #1 is an ESP32 based WiFi device with your own firmware. It won’t phone its Chinese parent company every hour because you made the firmware yourself. It’s no less secure or more wrong than using your phone hooked to your WiFi.
Device #2 is a ZigBee device. It doesn’t have any connection to the internet. But you need a hub to interact with it and you decide to use Amazon Echo for simplicity. Now your house is fully owned by Bezos.
You need to inspect every device to see if they suit your needs.
TIL Amazon Echos can act as Zigbee hub. Still not using it lol.
Thanks. If I use a Sonoff controller and plug it into Node-red, how would that score for privacy?
Sonoffs are usually safe.
ZigBee devices use less power, which means if they’re battery powered, it can last longer than wifi devices. It has faster handshake too. it can wakes up from sleep and transmit data in less than a second, while a WiFi devices may need several seconds to connect to your AP if it has been sleeping for some time. The difference in latency is really noticable for stuff like door sensor or movement sensor where the device may be sleeping for extended amount of time. But if you build your own device using esphome, I guess there is no option but to use wifi.
As for security, if they’re both offline, is it really matter?
Esp32-h2 now has ZigBee. I just ordered some so I can replace my current ones to get rid of wifi.
Are you planning to write your own code for them? I have been looking at ZigBee, especially support to write custom code and push out OTA updates to devices. Whilst I’m not very clear on the matter, I think with certain devices it is definitely possible, and support seems to be getting better recently.
Please let me know about your ideas for your setup and what you’re buying/using/creating!
Damn you’re right! Too bad they’re not available in my country yet. I might be able to import one but with shipping and import tax it might ended up 10x more expensive than ordinary esp32 sold here.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
4 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.
[Thread #269 for this sub, first seen 9th Nov 2023, 10:10] [FAQ] [Full list] [Contact] [Source code]
removed by mod
Lots of people instantly think of security when they look at WiFi-connected IoT devices, but oftentimes they never think of the WiFi signal itself - what with all the added communication noise and send time limitations of having lots of small devices.
Especially with regular consumer equipment, it doesn’t actually require that many devices to fully saturate a regular home router or AP.
removed by mod
That’s a good point. Another one I have is sort of failure tolerance. I used to have a really unreliable router which would often crash and could only be reset using a full power reset. While it was in this state, wifi obviously stopped working but my zigbee devices where still available. I used to have a zigbee button linked to a smart plug for toggling my router off and on again.
This shouldn’t be a concern for most people obviously but I wanted to share my experience.
Another point I want to mention is that zigbee works at 2.4Ghz just like basic wifi so they can still interfere with each other.
Zwave on the other hand uses another frequency (I think it was around 860MHz) but is more expensive.
Do you think I’ll be able to use 915Mhz (I’m in the US) for ZigBee devices using the Sonoff controller and IKEA devices/custom devices? Or is it reserved for specific purposes?
Isn’t Zigbee always on 2.4GHz regardless of country? Trying to shift the frequency to 915MHz for all devices sounds like a lot of work with questionable benefit
Won’t it interfere with 2.4Ghz WiFi?
Well, theoretically yes but it doesn’t continuously send data and both WiFi and Zigbee also allow for operation on various channels. Does your neighbors WiFi interfere with yours?
Also, most WiFi devices now support 5GHz WiFi anyway so it’s even less of an issue anymore. The bigger problem would probably be WiFi interfering with ZigBee. But again, that can be resolved by changing the channels.
My apologies, I needed to read up on the encryption that ZigBee uses a bit more. I have confidence that anyone snooping on the RF emanating from my flat will very likely not be able to decrypt ZigBee traffic (for that network will likely contain sensitive information). Some of my devices will likely transmit close to all the time (humidity sensor for a plant, for example), I’m hoping such traffic can mask the other more sensitive traffic, like of infrared sensors set up to react to opening the door, as an example.
Can I use ZigBee at another frequency than 2.4Ghz? I noticed that the US has another operational frequency for ZigBee but I don’t see it discussed very often