Telegram Sensor: use Telegram bot to control HA

Hi guys,

The Telegram Notification component is a great notification tool.

The Telegram bots have loads of untapped potential for HA. E.g. custom keyboards.

It would be great if we could use Telegram bots to trigger actions or automations in HA using custom keyboards or inline commands for smart automations. https://core.telegram.org/bots#keyboards

E.g. my Telegram Bot asks me for confirmation before opening my gates when arriving home. So my gates don’t open automatically when driving past for example.

Thoughts, ideas, suggestions? :slight_smile:


I agree, that this would be really awesome.

But the downside comes when thinking about security. I haven’t done much research, but as far as I can tell Telegram Bots are public and have no form of authentication. So if someone manages to find your HA-controlling bot, the attacker would have control over your home. It’s one thing for an attacker to be able to see what’s happening at your home through the notifications (which is already really bad). But having control over your home, well, I wouldn’t want that.

So as long as Telegram Bots don’t provide some sort of security-mechanism, a Telegram-sensor would be a very dangerous one.

But as said before, I’m not aware of the current state of the bots. If they have added security over the last couple months, it indeed would be great.

EDIT: I just saw that the notification platform requires a chat_id, so my concern regarding anyone being able to receive notifications is irrelevant.
Still, it seems like anyone is able to start a conversation with a bot. So anyone who finds it can send control messages.

I think each client gets a unique chat id, so it should be easy to compare that with the chat ids in the config. For even higher security, some kind of two factor authentication could be implemented, OTP or similar.

A valid concern I had (foolishly) not considered. Hopefully there are robust solutions to this concern and this suggestion can get momentum. :grin:

I made this proof of concept bot
http://paste.debian.net/786936/

Only for checking states not controlling

Can you not check the chat id of the chat that the message came from? I have a Telegram group with myself, my wife and the bot. If the group is private (so no-one else can get in and therefore get the chat_id) then just checking that against a config value would be good enough?

Each message has a chat_id property, yes. I don’t know how easy it is to join an existing chat between a client and a bot. My wife and I got different chat ids when we started the conversation with our bot.

I created a group and invited my wife and the bot. So all 3 can chat together. The group itself has a chat Id and it’s that that I’m using in my HASS notifications. So as long as the group is private, and we can check the group’s chat id if someone sends a control message, would that be secure enough?

I think we’d have to find out if it’s possible to join a chat that’s not private before implementing this, so we’re aware of possible security issues, and can inform users. I think the setup you’re describing would probably be secure, but I’d preferably have a setup that is secure without relying on the user creating a private group to make sure it’s secure.

Might be good also to research risk of someone faking a chat id, if it’s possible?

From my reading of the Telegram docs, groups are private - you can’t join them without a join link.

Bots have an authentication token as well which I believe you can only get if you’ve had interaction with the bot. I guess the question is whether you could a) start talking to my bot and get its token, and b) find out my group chat id.

Without both I’m not sure how you’d be able to compromise my setup.

Sounds good that groups are private by default. I’ve read now that you can also activate admin mode and assign admins. Only admins can then add users to the group. Non-group chats are always one-to-one conversations, as I understand.

Would be weird if you could acquire the token via the API. That would really defeat the purpose of the token, I think. But you don’t need the token to talk to the bot.

As long as we trust the security protocol of Telegram, i.e. disregard the possibility of someone faking a chat ID, I think it should be pretty secure to check chat IDs as authentication. The remaining problem would be if you lost your phone. But this is also perhaps out of scope for the security considerations of Home Assistant, as is the security of the protocol.

Got your POC bot running - couple of tweaks to make it run in python3 but it’s working well.

Might have a go at adding some control commands :smiley:

nice! Care to share your code?

Well it’s not really much different to yours atm!

I’ve started to look into doing a Slack bot as well, as I use Slack for work and I’d be able to stay in the same client…

HASS slackbot :slight_smile:

Hmmmm, the Slack notifications for mobile seem much less reliable than Telegram’s, so I’ve gone back to that.

Have now got the Telegram Bot arming and disarming my alarm :smiley:

woohoo think I’ve figured out Telegram custom keyboards

so can send /alarm to the bot and it gives me buttons with (arm/disarm) :smiley:


Slightly dodgy moment earlier when I realised that anyone could use my bot to control my server, so fixed that :smiley:
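The two things discussed above, checking the chat id of an incoming message against a configured list before acting on it, and answering /alarm with a custom keyboard, fit in one small handler. The code below is an added example written for this thread; it is not the pasted POC, the GitHub project, or Home Assistant’s own code. It works on Telegram Bot API update objects (the JSON you get back from getUpdates or at a webhook) and uses a plain dict to stand in for the alarm entity. The chat ids, user ids, and bot name in it are made up. It goes one step further than the thread by also checking the sender’s user id, so that somebody who is later added to the group does not automatically gain control.

```python
"""Chat-id authorization plus a custom /alarm keyboard for a Telegram bot.

Added example, not code from the thread, the pasted POC, or Home Assistant.
It parses Telegram Bot API update objects and decides whether a message may
control anything. All ids and the alarm dict below are constructed values.
"""

# Chats allowed to send control commands: a private 1:1 chat and a private
# group (group chat ids are negative in the Bot API). Constructed values.
ALLOWED_CHAT_IDS = {123456789, -100987654321}
# Users allowed to send control commands, even inside an allowed group, so
# that someone added to the group later does not gain control. Constructed.
ALLOWED_USER_IDS = {123456789, 223344556}

# ReplyKeyboardMarkup returned for /alarm: one row with two buttons.
ALARM_KEYBOARD = {
    "keyboard": [[{"text": "arm"}, {"text": "disarm"}]],
    "one_time_keyboard": True,
    "resize_keyboard": True,
}
REMOVE_KEYBOARD = {"remove_keyboard": True}


def authorized_sender(update, allowed_chats=ALLOWED_CHAT_IDS,
                      allowed_users=ALLOWED_USER_IDS):
    """Return (chat_id, user_id) if the update carries a message from an
    allowed chat AND an allowed user, otherwise None (update is dropped)."""
    msg = update.get("message")
    if not isinstance(msg, dict):
        return None  # edited_message, callback_query etc. are ignored here
    chat_id = msg.get("chat", {}).get("id")
    user_id = msg.get("from", {}).get("id")
    if chat_id not in allowed_chats or user_id not in allowed_users:
        return None
    return chat_id, user_id


def handle_update(update, alarm, **auth):
    """Apply a control command from one Telegram update.

    `alarm` is a dict {"state": "armed"|"disarmed"} standing in for the HA
    alarm entity. Returns the sendMessage payload to POST back to the Bot
    API, or None when the update must be ignored (unauthorized sender)."""
    who = authorized_sender(update, **auth)
    if who is None:
        return None
    chat_id, _ = who
    text = update["message"].get("text", "").strip()
    # In groups a command may arrive as /alarm@MyBot; strip the bot suffix.
    command = text.split()[0].split("@")[0].lower() if text else ""

    if command == "/alarm":
        return {"chat_id": chat_id,
                "text": "Alarm is %s. What now?" % alarm["state"],
                "reply_markup": ALARM_KEYBOARD}
    if command in ("arm", "disarm"):
        alarm["state"] = "armed" if command == "arm" else "disarmed"
        return {"chat_id": chat_id,
                "text": "Alarm %s." % alarm["state"],
                "reply_markup": REMOVE_KEYBOARD}
    return {"chat_id": chat_id, "text": "Unknown command: %s" % text}


def make_update(chat_id, user_id, text, update_id=1):
    """Build a minimal Bot API update object (constructed test input)."""
    chat_type = "private" if chat_id > 0 else "group"
    return {"update_id": update_id,
            "message": {"message_id": update_id,
                        "from": {"id": user_id, "is_bot": False,
                                 "first_name": "x"},
                        "chat": {"id": chat_id, "type": chat_type},
                        "date": 0,
                        "text": text}}


if __name__ == "__main__":
    alarm = {"state": "disarmed"}
    # Owner asks for the keyboard, then presses "arm".
    print(handle_update(make_update(123456789, 123456789, "/alarm"), alarm))
    print(handle_update(make_update(123456789, 123456789, "arm"), alarm))
    # A stranger who found the bot: dropped, alarm untouched.
    print(handle_update(make_update(555, 555, "disarm"), alarm), alarm)
    # Someone added to the private group but not in ALLOWED_USER_IDS: dropped.
    print(handle_update(make_update(-100987654321, 999, "disarm"), alarm),
          alarm)
```

The check trusts `chat.id` and `from.id` because the update was fetched from Telegram’s servers with the bot token (getUpdates); if you switch to a webhook, the endpoint must not accept posts from arbitrary origins, or the ids can be forged in the request body. Two further caveats: unknown senders get no reply at all, so the bot does not confirm to a stranger that it exists and reacts; and, per the Bot API docs on privacy mode, a bot in a group only receives commands, replies to its own messages and service messages by default, so the plain “arm” text produced by the reply keyboard may not reach it in a group unless privacy mode is disabled via BotFather or the bot is a group admin.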

Have also rewritten the code to use the HASS python api rather than constructing get/post requests from scratch.

Ok I’ve started a thread in the Projects section of the forum, which includes a link to the github project :slight_smile:
