That seems to be the best option. I guess I can remove the app from my phone again.
The button was below the Login button or below the Sign up link.
I have removed the app from my phone.
2 questions still remain:
- For a project like Hubitat it is strange that no source code is available. There's no code for the HE system itself, nor for the mobile apps. Why?
- Why do I need to login to a remote server, when I just want to work locally?
May I ask why they should make their source code available for the world to see/copy. I know nothing about this area so personally can see no reason to see it. Your needs may be different of course.
Having said that, they have said on numerous occasions, on numerous threads that it is not open source and is never likely to be.
Their platform isn't opensource and they do not post native code. They have posted groovy code to help developers though.
I would also pursue the support ticket,,,
I don't mind logging in from the security or privacy point of view, I have been with Hubitat long enough to feel I can trust the brand. But it seems a pity when there is always the possibility one's internet or even the hubitat cloud server could go down. Hue app doesn't require cloud login for local access so it can be done.
1 Like
In ios it brings up a sign in as well as FIND HUBS, if you click that and your hub it takes you to the admin page in which you can drill down to dashboards.
Hopefully clear enough from the responses so far. But while the Hubitat staff have created a platform that’s very open to community developer input, the core platform including built-in apps and device drivers is made by a small, private start-up company that is selling this thing to make a living. So there are many reasons why they have not made their source code publicly available.
It was never conceived of nor marketed as an open source project.
5 Likes
That's the way it's always been with the app. Just book mark your hub and access it directly in your phone when on your network. The app is just a wrapper of the IDE, there are no additional or higher functions with the app over the IDE. Truth be told, it's easier to use the IDE than the app (except dashboards, and again you can book mark those). The IDE scales to whatever your screen size. That is really your best solution, and allows you to access it in the way you have described.
3 Likes
One would be audit purposes. They claim our data is safe and local. Yet, I have to login to use something locally. Hmm. So how do I know that the hubitat device doesn't send data and/or has a backdoor somewhere? (I don't think it does and/or has.)
While the trust level for the Hubitat brand is high, things like the above look suspicious. I am sorry, but this doesn't sit right with me.
Ok, I can monitor the network traffic and verify the requests/responses. I also use a separate VLAN and block all outgoing traffic, except when I check for updates.
Since I no longer use the app, I don't really care anymore. As I said, it looked fishy to me. That's all.
1 Like
Already done.
2 Likes
But then they’d need to arrange for some kind of independent audit, still keeping things a secret rather than let everyone in the world have a look, including a competitor obviously.
That’s not free is it?
Bottom line, IMHO, is if it’s not an open source project (and this isnt), you can’t assert any right to inspect the entire source code or claim it’s “fishy” when you cannot.
2 Likes
You really don't. Hubitat itself runs 100% locally. The only calls it makes outbound is for cloud access to the dashboards. The app is not a native part of the HE itself... As you said, you can also sniff packets showing no data except to AWS going out and blocked internet access doesn't prevent the unit from running at all.
4 Likes
The other purposes of the mobile app are for geolocation and push notifications.
They both require a cloud connection to function.
So if one is highly committed to local-only approaches to using Hubitat, mobile apps from Google and Apple app stores don’t add much to the mix and can be safely avoided without missing out on anything.
6 Likes
Look, you bought it and it has always been closed source - that isn't a change, and it was never advertised as being open source. It will never be open source. You have to decide if you're okay with that or not.
Since you're a big open source guy, I hope that you reviewed every line of code in your Linux distribution too, including all packages you've installed.
I'm being a little silly, and I do appreciate your stance. But regardless if it's open source or not open source the only way to tell if something is phoning home is the monitor the traffic.
Even open source software do some shady things sometimes... Just look at HassOS hard coded DNS entries in their distribution. Many consider that shady.
Anyway, it is what it is, and only you can decide whether you are okay with it or not.
4 Likes
I do feel a little uncomfortable about how lengthy at least part of this discussion has become off the back of some of my comments (open source topic aside). I'd really prefer we sought clarification from Hubitat about the requirements for using the app locally. I can be a little hasty at times in an attempt to explain / understand why something might be happening. I don't want to see the conversation progress to the point where the basis for that conversation is not sound.
3 Likes
Thanks everyone for your feedback. Nothing has changed in the mobile apps' requirements. Since May 23, 2019, when the Apps were released, we have said that using the mobile apps require the hubs to be registered.
When launched, the mobile apps offered 3 key features, most of which require cloud to function properly: remote access to Dashboards, presence sensing and push notifications. If users are only interested in local access to dashboards, for example, we encourage them to connect to the hub directly, from a browser, via find.hubitat.com, or by bookmarking the hub's IP address.
11 Likes
Just like to point out, They better not be using any open source code in their product, or they would be in breach of the most commonly used open source licenses by not releasing their code+updates. Anyway, it's just got me a little curious.
That's not exactly true... That's only true in specific scenarios. If you link/use (and communicate that you are using) libraries unmodified, you don't have to disclose all of your own proprietary code that is external of that in most license use cases.
But whatever. I'm not getting into an OSS license and disclosure debate (again LOL). I'm not a lawyer, and I don't give legal advise.
3 Likes
