Good light sensor

What is everybody using as a good reliable (indoor) light sensor? I'm not interested in motion sensors as I have Iris v2 motions in every room, which are nice and snappy, which I can't say about most motion sensors, and ideally not priced super high. So I'm just looking for one that does light really well (i.e. can detect varying levels of luminance reliably) and any other sensors it has are secondary (unless they do something else really cool/well.)

Also, trying to avoid Z-Wave unless it supports S2 as I want my entire Z-Wave mesh on S2 by the time hubitat gets around to supporting it.

Pretty much your only choice zigbee wise is the Philips hue motion, not the most compact of devices, but it does provide accurate lux readings.
Personally I don't find indoor readings to be of great value as the range of indoor readings is quite low...

Well basically what I'm trying to do is have an entry lamp (very dim) turn on when somebody walks in so they don't stumble over a table that's in there. I don't want it to turn on when the area is already well lit though. The lights in there are quite bright, so my thought is that a good lux sensor can pick that up and not turn it on if they're already on (just for energy savings as it is an incandescent, though it doesn't use that many watts.)

I'll look at Z-Wave too but I just don't want my whole mesh staying S0 just because of one device. The problem is I have a Schlage Connect and it's a bit worrisome just how easy it is to compromise it because it's on S0.

Why not just make the OTHER lights zwave/zigbee, then you will know they are on... Then use their on/off as a condition. Seems like that would be more fool-proof.

If that is worrisome for you, you shouldn't have ANY home automation... The lock being S0 should be the LEAST of your concerns.

2 Likes

How so? FWIW I happen to be a network security engineer. I'm also geeky enough that my home network is 100% vxlan on the wired side, with very few wifi devices :slight_smile: Although admittedly I'm a bit naive when it comes to PAN networking protocols, I know some of the basics. Still learning as I've never touched anything zigbee or z-wave prior to three weeks ago.

The thought has crossed my mind to get a second hub and treat it as an insecure network where the only stuff that is on it has little to do with physical security, like my bathroom fan switches, humidity sensors, etc. I want to see where Hubitat goes with S2 before doing that though, I'd hate to buy one just to find out that we need a new model for S2 support.

The biggest concern for me is insurance though; the insurance company needs evidence of a break in or else nothing is covered. That would be easy to do if you could simply tell the front door to unlock. Granted, I have other security measures in place, I don't have security cameras just yet because I have to get HOA approval. In fact, if it weren't for all of the damn permitting red tape, and the concerns of insurance potentially not covering any damage resulting from wiring that didn't go through permitting, all of this would be wired. The 2018 NEC code is retarded, you literally can't run any in-wall electrical, period, without being an electrician with 2000 hours of supervised work. Even low voltage isn't allowed anymore.

I also happen to be a network engineer, and director of industrial cybersecurity for my company, but that isn't important.

There is tons of data out there on the differences of S0 and S2, so no need to regurgitate all of that here.

The things that S2 fixes just aren't that interesting to me personally. I'm not pairing new devices so often that I think key capture is high on my problem list. And that is the only S2 improvement that I think is interesting.

All home automation technology is crap from a security standpoint. Plus, no thief is sniffing zwave keys to break into houses. Hell, for non-multimillion dollar mansion residential break-ins they don't even pick locks or break a window any more - it is much easier to just kick the door in.

But everyone's risk tolerance is different. And that's OK. You do what is right for you.

1 Like

Oh right I only mentioned my background just to give an idea that I'm aware of the risks :slight_smile:

My understanding is that you can force an S0 key exchange outside of the pairing process, similar to deauth packet injection on wifi without 11w, and that S2 includes something similar to adding 11w to wifi. I'm not aware of all of the details, but I watched a youtube video of somebody demonstrating it once... Also, it would be kind of hard to kick my front door in :slight_smile: though my back door being 90% glass.... That works fine for me though, if they kick or smash, they leave evidence of a break in. S0 it's possible to avoid that, which is just something I don't like.

1 Like

Sensitive Strips Comfort sensor is another option. Not Zigbee, but they are Zwave-Plus

Those look nice but they want my first unborn child in exchange for them.

I think I might go with Jason's suggestion of messing with the lighting itself, but there are a lot of bulbs that would need to be replaced, so I might get a zooz switch, their new version supports S2 and it looks like I don't need to rewire the other switch in the three-way pairing. I find it a bit odd that the selection of light sensors is quite low, I figured this would be a relatively common need...perhaps not.

Just keep in mind that Hubitat doesn't support S2 at all right now... So the device will fall back to S0 if you use it in Hubitat.

They mentioned months ago that it is on the future to-do list to add S2 support to Hubitat. No ETA, though.

AKA "today" there is zero benefit to using an S2 device on Hubitat.

Exact reason I could never live in an urban area.

No way will I ever ask, pay a permit, or seek approval for anything I want to do with "My" property.

Yeah, well, I've seen some pretty junked out rural properties in areas that I've lived that made zoning and permit restrictions look pretty damn attractive... So there are pro/con to everything I guess.

2 Likes

Why would you secure pair a switch?, s0, s2 and non secure devices can all live on the same network at the same time.
There is literally nothing to be gained by joining non barrier type zwave devices in secure mode, the overhead involved in secure zwave just slows things down...

3 Likes

My understanding is that if there's even one S0 device in the mesh, then the whole thing is effectively S0, regardless of S2 presence. Is that not the case? I still don't know the protocol that well.

Well then with that knowledge, why are you set on S2? And you should definitely take Mike Maxwell's advice here. He's the guy that writes all the HE drivers and he DOES know the protocol VERY WELL.

Fibaro motion Motion Sensor - Z-Wave and HomeKit motion detector | FIBARO has really good lux reporting.

While I haven't tested this specifically, I seriously doubt this is the case. The zwave spec bends over backwards to be both forwards and backwards compatable. S0 and S2 are on a device by device basis anyway....
What would be the point of S2 at all if it couldn't operate with S0 devices on the same network?

3 Likes

In terms of OSI model, where about is this occurring? I had the impression that it was layer 2, in which case I don't see how, at the very least, repeaters would be able to participate if they didn't support it.

Why would that matter?, they have no need to decrypt data they pass on, any more than an ip router needs to.

As far as the router is concerned, it has a source and destination address like any frame, the router could care less what the payload is.

That depends on what layer the encryption is done. For example, if a router isn't using the same MACSEC keys as the switch on the other end, then it's not going to be able to decrypt the IP header to be able to know where to forward it.