Let me start off by saying I am in love with Home Assistant and it has drastically changed how I live. It has now changed how I control my house, how my friends and family control my house, what kind of devices I buy, how secure I feel with local control, etc. More than that, it has served me as a fairly useful hobby. I really appreciate anyone and everyone who has put in the effort to make Home Assistant better.
The geek in me had once made the house a place where only I could control or fix things. I’m a better person now and I’ve modeled my smart home to be more intuitive and accessible to my partner, friends and family. I’ve installed consistent and intuitive light switches, restricted myself to using only non-intrusive and natural automations, and spent A LOT of time setting up a VERY COOL floorplan-UI-based dashboard for everyone in my house to use (via wall-mounted tablets).
I did my due diligence and made sure I created a non-admin account, used Fully Kiosk Browser, and removed certain entries from the sidebar (like maps, logbook, history, etc.) for the kiosk account. My goal was very clear - I only wanted my friends and family to be able to click on the parts of my house’s “digital twin” to control things (like lights or fans). This morning I came home to see that one of my wall-mounted tablets had a logbook open for my geocoded location on it. I do have the companion app installed on my phone with location access and do some garage-related automations.
This is (for lack of a better word) nuts. I’m just an admin who can’t administer what the non-admin users can or can’t see on their dashboards. There’s nothing stopping any of my guests from seeing camera feeds / opening my garage / seeing the full history of my location / my calendars / my todos from the dashboard. They can just go and re-enable the sidebar entries to see whatever they want.
I do realize that one way to deal with this is to rip off all my wall panels, or just get better friends. But given that Home Assistant is probably the biggest open source project, how has this security/privacy/user-administration issue been neglected for so many years?