Yep, and everyone who's getting tired of hearing this absurdity, raise their hands.
I would also like to add my dissent for having this service capability in my HE. I do not take kindly to devices opening up internal network access to the outside world. If I want something like that (which I have), I will specifically create it myself, in a known secure manner. I even specifically implemented certain designs to my pool automation so that the pool equipment would not open up this access.
There are many ways to design and implement this without adding it to HE, that offer way more functionality and security than could be done with HE. These other ways may require some to implement something creative or more expensive, due to their situation, but that should fall on them and not expose the rest of us to possible security concerns.
But you having the ability to disable this wouldn’t sufficiently make you ok with it existing? Any time people ask for new features, I don’t think there is an expectation that you would be forced to use this.
Not everyone has the expertise or desire to “create it themselves.”
When it comes to remote access, I would prefer it not to exist than to exist and have an "off" button.
Many other things I'm OK with being options, but remote access isn't one of them. Just my opinion.
That doesn't mean I would stop using the product if it were there, but I would vote against it being there at all if I had a vote.
Sure but there are ways around that. It could be a separate module that someone has to install (think like an app/driver). Maybe the code doesn’t even come with the hub. Could be a separate download and fee. For me, as a former product manager, I always like to try to think of what are concerns and how do we get through them as opposed to just thinking in terms of “no way.” So in that case, if your hub didn’t even have the java code on it to allow remote access but mine did. Wouldn’t that remove your concerns?
I could agree with that. Make it separate and a purposeful/cognitive act to install/activate versus it "being there" and then the "what if" question goes away.
I'm beginning to be sorry I even made the request. I would like to have it. Others wouldn't.
Remote dashboards are in a way remote access. You can turn those off. Remote access to the hub would be the same thing.
Think of this scenario. Suppose someone hacked your remote dashboard access. Then started playing around with your lights, alarms, etc. that you have dashboard control for. And you are out of town and have no way to stop it.
But end of subject for me.
I think the issue is in the term "Remote Access". To me that means full network access aka VPN or full access to the hub which makes it a security concern. If on the other hand it's a "Remote Admin" capability which would be more like a tunnel service from the hub to HE cloud to provide a secure web access only to HE then that changes the "tone" of the conversation.
As noted the dashboard is already presented and available from the cloud link and that is accessing the hub directly so if you are using that feature then the security implications are already exposed so extending that to provide a method to access the admin page would be possible just likely not acceptable by many and would need a way to disable/remove. So making it an "add-on" I think would be very appropriate.
If we were voting, I would enjoy having a remote access/admin option. Then again, I'm not going anywhere these days...
OK, So I have to agree with @dman2306. Every time a feature or option that seems to involve access or security comes up, there seems to be two opinions from the community,
- That will be too confusing for a novice
- I can do it so much better with XYZ hardware/software/service.
Remote access(be it HTTPS, cloud access, dashboard security or even MFA) has come up multiple times and has always been met with this opposition. From my standpoint it is obvious that a subset of users would like these abilities (in some cases expected them to already be there). However a lot of technical community people come in and say I don't want that because I can do it better. And ultimately so can I, however I don't want to support n products on n platforms. I am looking for a single device. I think there are many people who don't have the skills or the time to make those things feasible.
Offering this via the product, even as a subscription service seems worthwhile, and if that is something that scares you away from the product you can simply use X hardware, y software and z service to not use that feature and use your own better one.
To me this seems like the technical version of classism. If you can devote the time to learn these skills and support these other things, you don't deserve security, or remote access, or XYZ.
Most cellular devices are connecting to what is a large private subnet and then being fed data from a small subset of public IP's. Thus not allowing for things like Port Forwarding.
Verizon will let you get a dedicated Public IP for a SIM for the low low cost of $500 bucks.
But yes. this is very similar to double NAT.
-- this! I'm looking for a single device that lets me make my home smart. I don't want to have to build out a lot of other things to support it. While people have used terms like HE is for "DIY" or for "expert" users... well then HE will remain a hobby. The key to being the guy that disrupts smart home technology is to be the hub that is installed in a billion homes, not 10,000 homes. You're only going to get there by being something "my parents" can install.
Maybe they are OK with it being a limited audience? People say that like it's a bad thing.
Regardless - some people want it, others don't. In the end only Hubitat will decide if this is something they want to add or not.
It amazes me that people still refer to themselves as home automation "early adopters"... They sell this stuff at big box stores. You are not an early adopter. Home automation is fairly mainstream technology at this point.
I recall someone else lamenting that the community was beating up on him because he wanted a Username and Password...
I know I was surprised to not find a default password for main configuration.
All of this to say I think that the community doesn't value enhancements that aren't fun features, because they are hobbyist who devote time to this and want more wiz-bang and not more security or remote access.
However I think if this platform is going to disrupt the market it will need more attention to basic features.
But those are all decisions for the leadership of hubitat to make.. not me, you or the community (because in all honesty, they already have our money) they just need to keep people happy enough to still be recommended and to move more units (when they get back in stock).
Because I think it is a bad thing. It’s a recipe for a lack of revenue and cash flow.
Maybe, but growing faster than you can support is also a one way ticket to implosion too.
Neither of us own Hubitat, so both of our opinions on this matter are pretty inconsequential in the end.
Agreed. Right now that's my challenge. To my techie friends/family I suggest HE. To my non-techies, I tell them get an Alexa and some Wifi bulbs. Honestly, one reason is the lack of remote access even though it sounds stupid. I know they're going to call me and ask me to troubleshoot it which is fine, like many people on this forum "I'm the family IT guy"... but I want to do so from my couch, not having to go over their house. So if I could manage their RM and such remotely, I'd get one for my father in law who really loved when I showed him how my exhaust fan kicks on/off in my bathroom based on humidity. But right now I don't want to have to go over there constantly when he wants a rule tweaked.
I am a Privacy/Security Rights guy, both professionally and socially. The HEs local features are what attracted me it. However the more I dug into it, the more issues I have found with the platform. Some of the issues have decent work-arounds. Some of them are much more techincal and harder to resolve. Some of the issues I have found make me question the security of the things I cant see.
This is my compromise, because I want to spend time with my growing family...not working on a Home Automation system (or my dads, or my sisters) .
Push come to shove I will probably be in every forum post remotely about security rooting for it! Because I want my hub to be better secured and not require a bunch of extra hardware,
This is a very good point I hadn't properly considered. I'd also be able to help more friends use the product if simple remote access was available. Right now it's fine for me, an rPi is simple enough and does the trick. But it is another failure mode (and they often do) so a properly integrated remote solution would be better. Certainly for commercial deployments too, so that you could support the customer more easily.