Maybe I’ve missed it, but I’m surprised no one mentions this domain/ip are located in China. And while haoctopus may be completely honest in his statements, no one should be surprised to know the Chinese government and military capture all traffic in/out of China including any encrypted traffic (which is decrypted by the aforementioned). So if you’re concerned about security at all, do not install.
I do not endorse any such solution, and I do not against it either.
If someone had listened the last episode of podcast, @balloob had talked about Home Assistant Cloud’s road map, eventually it will provide end-to-end encrypted tunnel solution to resolve remote access problem. But it more likely won’t be free.
Great point mentioning Home Assistant Cloud. Not only will it provide an encrypted remote access to you instance it will also financially support the project.
Can https be decrypted successfully?
sounds great!
This is called SSL interception. Companys often do this to for various reasons. You can read more about it if you are interested, for example at searchsecurity.techtarget.com.
We realize the implemented technology of molohub(cloud solution) is good, But not we as the creator of molohub.
We are not reliable in your opinion, because we are Chinese, and small team.
No you are unsafe because no one knows who you are, you have no proven record in the security field, your product seems to be closed source, we have only your word for what goes on in your servers and because it is in all in China, it is probably being intercepted and decrypted (although China is not the only government to do that, NSA I am looking at you)
I Can’t see it. And as far as I know there must be a fake Root Digital Cert in your device’s trusted certs then intercepted can happened. that’e means no simple way to see all data over tls
An easy case is watching live feed of your cameras.
Another case for me is (actually this is my goal) to open my garage door remotely. My RF remote does not reach until I am very close to it, and also WiFi does not reach at my entrance. Hence I am forced to connect with VPN to my LAN network and use HASS to open the garage (WiFi).
I think there are many remote user case.
So far my solution is VPN but is not WAF and FAF proof (we are 4 and I am the only one using it)
I would not trust americans as well, so do not take it personal or because your etnicity/nationality: its not that the point!
Having said that I really wish you find a good (privacy concerned) solution, I would love to use it!
Sorry, my bad.
Nothing to do with being Chinese, having a small team or the technology being used. It’s about an anonymous person saying “trust me” without sharing any non technical information. @rusenask made an interresting point about your business model, but no response from you.
Thanks for reminding me, We will update our website page https://www.molo.cn recently, Then bussiness mode and other related content will be shown.
Yeah your website simply says “Login to join the HomeAssistant”
Where the F*** do you get the right to trade off this project’s name? Ever heard of the illegality of passing off?
Oh you come from a country which doesn’t respect intellectual property. What a surprise.
Ok, maybe this link works for you: https://docs.citrix.com/en-us/netscaler-secure-web-gateway/12/ssl-interception.html
What exactly is the problem wir VPN and WAF compatibility if I may ask?
So maybe HA Dev team need develop a addon and apps for android and IOS to connect it via native HA CLOUD. Same HA CLOUD with google assistant and Amazon Alexa.
You connect from native, safe app from HA DEV to HA Cloud and safe login to your instance HA on your network.
It’s one of the way to make money from develop HA.
1$/mo to use this.
And we all have safe, encrypted connection without 3rd party cloud, without port forwarding, without ddns.
I believe this may be happening, but $5 is going to be the price.