but laws like the DMCA mean that you risk jail for undertaking this noble activity.
Thankfully there are countries whose laws simply DGAF about the DMCA, software hacks will continue to be written in those countries and people everywhere will continue to run them. The USA loses because the tech developments that could be happening there will be happening elsewhere instead.
Hasn't been. Software was, and still is (for now), the best point of attack - which is just as well. Discovery of cryptographic secrets kept by well-designed hardware requires sacrifice (expensive and arcane) at the Altar of the Focused Ion Beam.
Nobody has hacked the apple tv 3 or recent Fitbit models. It may or may not be technically challenging.
My current annoyance is that I want something very, very simple: a thermostat that has the same features as my 20-year-old setback thermostat but a better user interface. I'd be quite content with Bluetooth to a smartphone or tablet.
Instead, they all are set up to use WiFi to connect to a server somewhere that charges me per month to manage my home thermostat. Seriously? I need to have a working Internet connection to change the temperature in the house?
Agreed. I have been giving a passing look at the new crop of thermostats and I'm not sure why it needs to be internet-connected, at least in the sense that they're talking about where some third party has access to all that data.
Sure, it can figure out what to do based on the weather, but the METAR reports are available online. It can figure things out based on previous history of what you did in given situations, but honestly, while that may take some work to figure out, there's not that much data or computing power required for this on an individual level. Yes, I'd like to be able to change my thermostat or check on it when I'm away, but I don't know that it necessarily requires having a service that I turn all this information over to that does more than acts as a middleman for passing some encrypted control packets back and forth.
One of the big problems with this is that the background magic (as most people see it) requires expertise, needs maintenance, securing and costs money. Given that it was already written I could put this magic this on my (internet-connected) server sitting in my geek room floor as an afterthought. I could probably, given enough time, hack something together that gives me 85% of the solution of the commercial product without compromising my privacy. The problem is that I don't really want to spend the time, and most others (my dad, my grandparents, my wife, even my tech-savvy friends at work) don't have the expertise to do this.
I suspect most of them don't even value their privacy enough to see a problem. I'm guilty myself; for example, I could set up OwnCloud and use that, but I still use Dropbox. It's just too abstract a problem for me, I guess.
I really wish there were a line of these gadgets that communicated with a low-power, centralized home server along the lines of a Pogoplug or some other low-power device. Shoot, it could even be a small NAS device for storing your media, too, but hey, look at all the other stuff it does (which we have already with most of these devices using ipkg, etc)! The problem seems to be that there's not enough money there to get investment.
Along the same lines I was surprised as hell to figure out the default configuration on an Eye-Fi card (an SD memory card with built in wifi capability) is not to connect to your own wifi network and upload pictures to a place of your choosing. It is actually to connect to the internet (and their servers) and upload all your photos to your Eye-Fi account. Now while that isn't a completely unreasonable configuration just think about the ramifications of uploading 6+ megabyte files via most "high speed" connections in the US. Unless you are lucky enough to have a fiber connection your up speed is still going to be painfully slow. The Eye-Fi card doesn't have a direct push way to get the files onto your computer, the best (and fastest way) is by making the card it's own wifi hotspot. The Eye-Fi software then will automatically download any new pictures once a computer is connected to the card via an ad-hoc network. I certainly wouldn't have designed it that way, but it gets the job done I suppose.
They make what you want, but I wouldn't call it cheap or easy. Insteon makes some really interesting home automation stuff that will do what a lot of people want, but the trade off is not a simple one stop device. You can combine an Insteon thermostat with one of their hubs and have a wifi/internet capable thermostat. Then add in some controllers and you could automate a ceiling fan or dehumidifier. The options are pretty surprising, but none of it is plug and play easy.
Not only that. Even in the affected countries people still can work on liberating their stuff; they just have to take some precautions to not get caught. E.g. publishing pseudonymously on servers in politically unfriendly countries (Russia?) or via a friend in the "free" country.
Somewhat similar to how people from "banned", embargoed countries participate on software development.
Then there's the open-by-design approach, with providing the same functionality of the walled-garden solutions, but with open software and sometimes even hardware. Takes often less effort than breaking someone else's crapola attempt for control.
I highly recommend this then:
Setup involves connecting directly to the device via your home wi-fi. And there is no remote server to discuss, it connects through the web to talk directly to the thermostat or uses the house network if you are within range. Or you can just walk up to the thing and do stuff to it.
Now that sounds like my kind of party.
"Oh baby, make it hot!''
Yeah, but can I program their hub (or have it work with my home server) or is it all mediated through theirs? The documentation sure implies that it's the latter, so I'm right back to where I was with Nest.
It does appear the Insteon Hub would probably work through their server. I have to wonder if that is to facilitate the Android/iOS push ability of texts and notifications?
They also have something like this:
Which I think would work without all the app support.
Digging around, I find that it appears to connects to a box at your location, which is a plus. Even more to their credit, there's API and developer documentation!
Check out The Thing System, as it is designed to be an open system that smooths out the wrinkles of dozens of different devices that all have their own proprietary interfaces. It doesn't address the legal issues brought forth in the article, but seems like a viable technical solution.
As a side effect, it can help to highlight those devices that provide open interfaces versus those that do not.
Definitely seems like the sort of thing that needs a public standard that is backed by law.. something analogous to a router that all your things must communicate through to access the internet. This "router" would provide some kind of interface where the owner can control what their things are allowed to communicate with and what they are allowed to transmit.
Said standard would obviously require your things to perform their basic functions with zero network access if that's how its configured.
We can certainly do this now with a stack of arduinos and a whole bunch of engineering effort, but it would be nice to have an ecosystem where companies can offer their products and it politely fits into the home setup.
This brings a danger of mandated law-enforcement backdoor. To be soon afterwards abused by a local council busybody wanting to enforce water or power consumption rules he pulled out of his posterior; see the datasets such busybodies have access to in e.g. UK.
There are emerging standards for exactly this.
If you are really old-school, you can also opt for going RS485 and MODBUS. Lots of sensors and valves and other stuff have MODBUS interfaces.