I’ve had the same module in my car for a few days now.
From the beginning I wanted to integrate the module into HA.
Sending an SMS is not the problem, I use the HTTP API of AnySMS, it costs per SMS but for the beginning it is OK. Should be possible with any SMS provider that offers an HTTP API.
In the long run it would be nice to be able to receive and send SMS in HA. On the one hand to save money for the SMS provider (SIM card with SMS flatrate) and on the other hand you could receive SMS. SMS receipt is also possible with most providers, but either only on a shared number and keyword (which won’t work with this module) or with too high costs for a fixed number (>30€ per month)
I’ve already tried to get my Huawei LTE stick to run on Linux, which would work in principle, but I run it all on a Synology and Docker and somehow I don’t get the device in the Docker container. Might be a project for the holidays, or I have to go the way of an additional computer (Raspberry Pi).
In HA the whole thing is called as a REST command.
rest_command:
  car_heater_on:
    url: !secret rest_car_heater_on_url
    method: GET
  car_heater_off:
    url: !secret rest_car_heater_off_url
    method: GET
  car_heater_info:
    url: !secret rest_car_heater_info_url
    method: GET
  car_heater_temperature:
    url: !secret rest_car_heater_temperature_url
    method: GET
Thank you MarH for the info and your setup. I put the whole thing on ice for a while but now I got interested again. Will try and figure it out using Google Home. I use this with the Volvo integration and it’s great.
Hi all, I am also looking for a service to receive SMS by HA. The reason is that I have now and then problems connecting remotely to HA. And it appears that this problem always happens when non-admins of my family want to get into the house but for whatever reason have not been able to switch off HA’s alarm system. I am looking for a solution bypassing LTE/WAN/LAN/WLAN and send an SMS to HA to turn on/off the alarm. If there is any other idea in handling that, feel free to give me a hint. Thx, gl
I’ve been looking at this also. I use Twilio for SMS notification from HA (e.g door open too long, etc.), so I’d like to be able to Ack the alert by responding to the txt.
Twilio allows configuration of a web hook to receive the replies. This would mean exposing an end-point from the HA system on the internet. Something I don’t want to do, given lack of HA being pen tested.
So my current idea would be to set up something in AWS to expose the webhook and use a lambda to place it in an SMS queue. Then in HA use the AWS SMS API to pull messages back. Haven’t priced out the AWS stuff but it should be very cheap since it’s billed based on usage.
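The signature check such a relay would need before queueing a reply, as an added example that is not part of the original posts. Twilio signs each webhook request in an X-Twilio-Signature header (base64 HMAC-SHA1 over the URL plus the sorted POST parameters, keyed with the account auth token); the token, URL, phone number and the in-memory queue standing in for the cloud queue are constructed placeholders.

```python
import base64
import hashlib
import hmac
from collections import deque
from urllib.parse import parse_qsl, urlencode

# Constructed placeholders, not real credentials or endpoints.
AUTH_TOKEN = "constructed-auth-token"
PUBLIC_URL = "https://relay.example/sms"


def twilio_signature(token, url, params):
    """base64(HMAC-SHA1(token, url + each POST key/value, sorted by key))."""
    data = url + "".join(key + params[key] for key in sorted(params))
    mac = hmac.new(token.encode(), data.encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()


def handle_webhook(event, queue, token=AUTH_TOKEN, url=PUBLIC_URL):
    """Relay entry point: drop unsigned or altered requests, queue the rest."""
    headers = {k.lower(): v for k, v in event.get("headers", {}).items()}
    params = dict(parse_qsl(event.get("body", ""), keep_blank_values=True))
    presented = headers.get("x-twilio-signature", "")
    expected = twilio_signature(token, url, params)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(presented.encode(), expected.encode()):
        return {"statusCode": 403, "body": "invalid signature"}
    # Queue only the fields the home side needs; HA later pulls from the queue,
    # so no inbound port is opened on the HA host.
    queue.append({"from": params.get("From", ""), "body": params.get("Body", "")})
    return {"statusCode": 200, "body": "<Response/>"}


def sample_event(text, sender="+15550100"):
    """Build a correctly signed request the way the provider would (constructed)."""
    params = {"From": sender, "Body": text}
    signature = twilio_signature(AUTH_TOKEN, PUBLIC_URL, params)
    return {"headers": {"X-Twilio-Signature": signature}, "body": urlencode(params)}


if __name__ == "__main__":
    pending = deque()  # stand-in for the cloud queue
    print(handle_webhook(sample_event("ACK door"), pending), list(pending))
    forged = sample_event("ACK door")
    forged["body"] = forged["body"].replace("ACK", "OFF")
    print(handle_webhook(forged, pending), list(pending))
```

The URL passed to the check has to be the exact public URL the provider calls, otherwise valid requests fail verification.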
For the moment that is not conclusive yet. Nothing is received on the webhook - it seems to be an issue with the Android app (I checked the Android logs).
I suppose it can work for others, and it will likely be solved.
It seems that the app will try to forward the SMS several times if the host is unreachable.
This is the webhook I set up (i.e., in an automation).
alias: Receive SMS from SMS to URL forwarder
description: See https://github.com/bogkonstantin/android_income_sms_gateway_webhook
trigger:
  - platform: webhook
    webhook_id: example_name
    alias: When SMS received at https://PUBLIC_HA_DOMAIN/api/webhook/example_name
condition: []
action:
  - service: system_log.write
    data:
      message: "{{ trigger }}"
mode: single
I see that most users have gone the GSM modem route, but the GSM network will be discontinued in the future. Has anyone worked with receiving messages from gateways like ClickSend? I would not mind working on the API to receive, but I do not know where the current code is stored for the send function and would not know how to begin to implement it in the HA code.
Any ideas?
Thanks
Receiving from an SMS Service can be as simple as setting up an endpoint on your Home Assistant instance which you could do with a webhook.
Still, this has the disadvantage that if your internet connection is down, then you do not have access to the service.
I mentioned the Android App SMS to URL forwarder a few posts up. It can in fact also work when there is an absence of the internet.
The Android phone can be connected to the local network and therefore still deliver the payload using WiFi. It might be an easier and also economical method because you do not have to set up the modem in HA, and you can use an old phone you have on the shelf. To send an SMS, the Android App does not propose an interface for that. Maybe another application that could run without the internet exists or the Android App could be extended to propose an interface for that (http socket).
Thanks for the reply but I actually kill all internet access to the HA servers except for connecting to the SMS gateway, and then occasionally when I want to do updates. So wouldn’t adding the Android to the mix actually be another entry point into the network? Or does that solution actually give me access to SMS only? GSM is all but gone in our area as 4G and now 5G have replaced it all.
The bottom line is I want to get status updates on demand without exposing the servers to the inet more than necessary.
I do have a hidden MQTT server on the internet and might set up a listener on one of the internal servers that could then trigger script and send the requested information, but there again, now I am opening up another hole. Yes, I am a security freak. I worked in IT and network security for 40 years.
Thanks for any ideas you or anyone else can provide.
If your phone can only connect to WiFi and you block your phone from the internet (through the WiFi network), your phone would not have access to the internet. You can just disable the data option on your phone as a first step, to go further you can set the data limit to 0, and change and force the APN to something that does not exist (if the APN is wrong, the phone can’t connect to the internet).
I hear you about security (risk of intrusion) - have almost 1000 different logins and passwords and firewall for instance.
Are you sure? Where are you located? Some countries just decided that GSM (“2G”) will be around for another decade (UK it was?)
To my knowledge neither 3G, 4G nor 5G (often only 4G+ relabeled) is capable of native calls and messages - that’s only possible with 2G/GSM. That’s why phones are often actually connected to GSM and LTE in parallel, for example. Also I read once that many (automated) emergency calls in cars rely only on 2G, which probably is reason enough for many countries not to phase it out rapidly.
Maybe you meant 3G is phased out in favor of 4G/4G+? That sounds more realistic and is actually the case already in some countries.
In my area of NW Arkansas, T-Mobile was the only carrier still using GSM. That system has been turned off and now they offer 5G. Unfortunately I do not have adequate service to utilize T-Mobile. Plus, I don’t need another $20-$40 monthly bill. I bought a cellular based dog tracking collar but that test failed miserably. It only worked when we were in town.
In my bubble snake oil is a well known synonym for anti virus software. It’s actually a nice one as it doesn’t directly point out the harm this kind of software actually can cause. It runs with privileged rights and can often cause more danger to the user than this snake oil “helps”. A proper ad-blocker and up2date browser is more convincing for most IT professionals than running an “anti virus”.
That’s actually very abstract. The bigger risk today is exfiltration or simply a device you have in your network already which can get rogue. Every simple consumer router does by default block all connections from outside and for most common people an extra firewall appliance (because technically speaking every router has a firewall included) doesn’t make much sense. On the other hand network segregation via VLAN can indeed mitigate risks to a certain level.
That’s crazy. I got myself some (almost world wide working) sim cards for $10 which are valid for 10 years and include something like 500MB and 500 SMS - nothing for binge sending of messages but certainly a good value for money and if after 3 years for example the messages are empty I can just drop in the next sim card The vendor is 1nce.com (by the looks of it the offer changed a bit now and only 250 SMS are included now).
“Exfiltration” is in my view preceded by an infiltration (a trojan horse added to your network) and my firewall will block outgoing connections from devices by default.
Most people will not know they already have some kind of firewall. And if they do, you still need to manage it (or have it managed). You can’t rely on your internet equipment - one of my peers says most internet boxes have known security issues.
My firewall’s DHCP will by default deny device access to the outside world until I authorize it (restricted to certain services after analysing what it tried to connect to). All DNS requests (requests to port 53) are redirected to the firewall’s DNS, secure DNS is blocked. That is where I do “ad blocking” for instance using selected DNS Blacklists.
VLAN adds security on top of that (but I do not have the proper switch yet).
The antivirus is also useful as it protects from other threats - including “snake-oil”.
There are such things as 4G Calling (also known as VoLTE) and Voice over NR (VoNR) for 5G. The device has to support it, but I suppose that most devices do.
Well that’s often only theory. If you look how even big enterprise companies (with all the firewall and snake oil installed) get compromised it’s mostly due to human failures. So the threat mostly is already inside and not outside. Using Windows, Exchange and other “common” stuff is mostly enough for one wrong click of an employee and a 0-day exploit to compromise whole networks.
That’s a common misunderstanding but obviously something the industry (snake oil sellers) want you to believe. Sadly they are (still) somewhat successful and even technical people fall for that trap.
Every program running on a machine with escalated privileges (like “anti virus” software) makes the surface for attacks greater. Anyone thinking that this complex anti virus software is free from bugs or even backdoors probably also thinks Santa Claus exists.
Often systems can be infected because they have “anti virus” installed.
Moshen Dragon’s TTPs involve the abuse of legitimate antivirus software belonging to BitDefender, Kaspersky, McAfee, Symantec, and Trend Micro to sideload ShadowPad and Talisman on compromised systems by means of a technique called DLL search order hijacking.
A simple bug in a snake oil software often is a severe vulnerability because of the escalated privileges it has.
A DNS based ad blocker can’t substitute a “proper” browser based one like uBlock Origin as it is limited to DNS level blocking.
You don’t need an extra switch/hardware for VLAN. Even my 10 year old router (obviously running OpenWrt) is capable of VLANs (I paid $10 used for that thingy).
Indeed, and that’s not native to my knowledge but requires a data connection as the call is (s)ip based
Still, that’s still an infiltration first - the malicious URL/programme made it through the defenses. My antivirus/internet protection inspects emails and web data (including https) to try and block them - or at least alert.
I almost added that you need to select the SW carefully. Any privileged SW is open for DLL attacks. My antivirus (not in your list) notified me daily about an unsigned installer (Microsoft!!!) being used - turns out this was for updating some beta version of Edge - the procedure to uninstall it was “uncommon”.
True, but a browser based one can be snake-oil. The DNS list works instantly for all devices even when you can’t control the browser or hidden OS communications, including for Home Assistant that was using cloudflare.
I can assure you that the DNSBL is very effective for ads - I regularly have a site indicating that I should deactivate my adblock software - and then I think : I am not using adblock software ;-).
Yes, but you installed SW in your router - as far as I understand it you need a managed switch to use VLANs.
Sure, when you’re connected on LTE (not IoT-NB), you have IMHO a data connection. And I would separate the “IP” for making phone calls from the “IP” for the user. A cellular phone has multiple processors and the sub-system handling the communication is well separated from processor(s) handling the user applications and GPU.
Hoping that the snake oil tries to block or at least alerts you
The thing is you try to filter, (deep packet) inspect and whatnot, spending hours on black/grey/white lists. In the end you will never be able to achieve a 100% success rate (which would be needed to “succeed”) but just spend a hell of a lot of time to achieve actually very little (compared to what a proper browser based ad blocker could do for you).
Very much sounds like a false-positive actually. And it’s so very poor actually that your snake oil hops on that “unsigned” train. Obviously all (proper) mal/random/whatever-ware are signing their stuff.
On the other hand your own crafted home made software will most likely not be signed and will trigger your snake oil telling you the code you just wrote is dangerous.
Btw. your anti virus is not “in my list” (as I don’t have any particular snake oil list) but it was not mentioned in the link I posted. You can be certain (you could do some google-fu) that your snake oil had (and probably has) bugs and that it is raising the possible attack vector on your system
That’s wrong. You need no (extra) hardware for VLAN as the V stands for virtual
There you have it. It’s very limited and can’t circumvent the detection of domains/IPs blocked. On the other hand with a (non snake oil) ad blocker like uBlock Origin you can easily extend the functions of blocking all that nasty stuff like ad block detection, cookie banners and all the other annoyances.
Besides, DNS based blocking can be easily circumvented (rendered useless) by CNAME Cloaking (DNS Delegation or DNS Aliasing). You probably know that as you will still see ads when trying to rely only on the limited DNS based blocking. Also false-positives are nasty and annoying - in all this technique is (imho) not only incomplete but also painful to maintain (manually white list stuff for example to unbreak sites). On the other hand deploying uBlock Origin once on your browser (and enabling all available block lists) is fire and forget and just works.
The only people I know who still make use of DNS based blocking (with pihole for example) are the ones who don’t have full control and ownership over their devices like the crew for example.
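Why matching only the queried name misses a CNAME-cloaked host, and what inspecting the answer chain catches instead, as an added example that is not part of the original posts. All hostnames, addresses and the blocklist entry are constructed.

```python
# Constructed resolver answers: name -> (record type, value). Not real domains.
RECORDS = {
    "metrics.shop.example": ("CNAME", "shop.collector.tracker.example."),
    "shop.collector.tracker.example": ("A", "192.0.2.10"),
    "www.shop.example": ("A", "192.0.2.20"),
    "a.loop.example": ("CNAME", "b.loop.example"),
    "b.loop.example": ("CNAME", "a.loop.example"),
}
BLOCKLIST = {"tracker.example"}  # constructed blocklist entry


def normalize(name):
    """Lower-case a hostname and drop the trailing root dot."""
    return name.rstrip(".").lower()


def cname_chain(name, records, max_depth=8):
    """Follow CNAME answers from name, stopping on loops or excessive depth."""
    chain = [normalize(name)]
    while len(chain) <= max_depth:
        rtype, value = records.get(chain[-1], (None, None))
        if rtype != "CNAME" or normalize(value) in chain:
            break
        chain.append(normalize(value))
    return chain


def listed(name, blocklist):
    """True if name or any parent domain is on the blocklist."""
    labels = name.split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))


def verdict(name, records=RECORDS, blocklist=BLOCKLIST):
    """Compare matching on the queried name only with matching on the whole chain."""
    chain = cname_chain(name, records)
    hit = next((host for host in chain if listed(host, blocklist)), None)
    return {"name_only": listed(chain[0], blocklist),
            "chain": hit is not None, "matched": hit}


if __name__ == "__main__":
    for host in ("metrics.shop.example", "www.shop.example", "a.loop.example"):
        print(host, verdict(host))
```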