Sensors security level for automations

Would be nice to have sensors security levels for automations.

For example, if I use an unsafe 433 thermometer for info, that’s not bad.
If I use it to start AC, that more concern, but not critical.
If I use it to open shutters, that’s a real security problem.

Could be more subtle, like zwave version, firmware known as vulnerable, etc…

How would you measure security levels?
yes/no? 10 out of 60?
a simple RF device will always be unsafe in that way and you make the automations and have installed the RF device, so you should know that.
A Zigbee device will always be a Zigbee device with the properties bound to that, same for Zwave and so on.
I agree that a vulnerable firmware sensor would be nice, but you need a source for that information and if you have it, then a scrape sensor would handle it.

For a start, a simple classification would be nice for sensors and actions, like:

  • Sensor unsafe (like rtl433), moderate (z-wave S0) and safe (at least for now)
  • Action non critical (light), moderate (heater) and critical (door, shutters)

Vulnerable firmware handling is a huge task, lets start small first :stuck_out_tongue:

Vulnerable firmware is the only part that can not be done with the current tools available to the administrators of a HA installation.
All the other functions can be made with scripts and automations.

You answer doesn’t help much.
I didn’t say it can’t be done, I said it should be native to HA, so anyone could be aware of insecure automations and new security problems.

I was not a help, because the developers would really not be in a good position to judge those things.
It should be up to the administrator of the installation that have knowledge about the devices.

Remember that HA does not provide information, it presents them.

So where does the information come from and how should it be presented?

Well, It’s not a developer position.
Some protocols are known to be insecure, it should be tagged as suchs at least for a start.

RF signals are used for car keys, car alarms, home security system and lot of other stuff, so RF signals can be secure. In general RF signal for home entertainment systems and other appliances are just simple signals, so they are insecure, but there is no way of knowing what type of signal a device use from the HA perspective.
WiFi has so many possibilities that it is impossible to say what a device have of features, options, vulnerabilities and so on.
Zigbee is not a fixed protocol, so it depends on the manufacturers.
Z-Wave is a strict certified protocol, so that is somewhat easier, but it is also more expensive devices due to this strict certification process, so it has less appeal to most users and therefore less impact with such a feature.

You are of course still welcome to have your suggestion, but I do not think it is likely to happen.
At least you should vote for your own suggestion. :wink:

Sadly it’s not as simple as you think.

Depending on what you are using a “simple” RF on 433Mhz with a rolling code could actually be more secure than a Z-wave device with a 300 series chip set :boom:

Btw. @Gonioul you can also vote for your own feature request :wink:

Well, classification is opened :stuck_out_tongue:
But It could be a start.