HomeDaemon MCP

HomeDaemon-MCP and Clouds

Let's make something clear right up front: There is no such thing as a "cloud" computer.

There are only two kinds of computers: Those you own and those you do not own.

A "cloud" computer is the second type. You are a tenant of sorts, in that you are leasing capacity on someone else's machine. That's all "cloud" computing really is, and the worst part of it is that the owner of said machine has the master key to any lock(s) you may install.

This isn't malicious, incidentally -- it's inherent in how computers work. When you "divide" up a computer into "cloud" instances there is a "master" program called a hypervisor that manages all of the other things the machine does. Think of it as a building superintendant in a tenement -- with a ring of master keys!

The Hypervisor has to have access to everything on the machine in order to do its job of allocating resources to the various users. That inherently includes any encryption keys that are in use, and thus there is no effective means to prevent someone who either breaks into that level of operations or is malicious and works for the vendor from accessing anything on any such computer. Ever.

Unfortunately the bad news does not end there. You may have read about Spectre and Meltdown, which are essentially "bugs" in the way modern computer processors are designed. By doing clever things in programming the processor can be tricked into divulging information from other users on the same physical computer even without malevolent intent of the owner and without compromising a person who has access to the Hypervisor. While some of these problems can be (and have been) mitigated by software patches it is believed that not all can be since processor companies have prioritized performance over security, and nothing realistically can be done about that for currently-installed machines.

It is unknown when, or if, that will ever be resolved in full and it is reasonable to expect that with all current devices it will never be completely resolved.

The question thus becomes: Should you trust your home's security and control to a computer you do not own?

The answer is simple: NO.

Not only can some random intruder potentially get in in a domestic situation it can be even worse, since such "cloud connections" usually include the ability to reset a password or "recover" a lost one remotely. What happens when the other half of your now-soured domestic relationship was the one who bought the thing and thus has allegedly "good" access via the "cloud" to log back in after the relationship has ended? Suddenly your lights turn on or off, your doors unlock and your thermostat is reset -- an act now considered domestic abuse and harassment!

Up until now you pretty-much had to put up with these risks. From cloud-connected cameras to security systems to thermostats and locks, someone else has always owned some part of the computer infrastructure and that part has had access to your house. They, rather than you, have had ultimate control over all of it and who they allowed in to make changes -- or not.

HomeDaemon-MCP changes all of that.

It requires NO cloud connectivity of any sort to operate.

Ever.

HomeDaemon-MCP runs completely locally on the small credit-card sized computer in you house, entirely self-contained. If you connect to it to monitor or control it there is no third-party machine in the middle, ever. Your computer or cellphone talks directly to the controller with nothing in the middle, secured by industry-standard SSL security.

You can optionally have HomeDaemon-MCP "push" video streams, should you wish, to some other machine -- whether part of a "cloud" or a private computer at some other location (e.g. your office) if specific events occur, but there is no requirement to do so. Indeed you can choose to get alerts only on actions and then pull a video stream directly to your cellphone for forensic (e.g. in the event of break-in) purposes. That option, and how you manage it, remains completely under your own control and choice. Should Internet connectivity be lost your system continues to function completely autonomously under its own control and command, with the entire configuration being local to the device and stored on a small MicroSD card.

Cloud computers are fine for things that you want to be public -- like this web page. Certainly, nobody cares if everyone in the world can see this page; after all, that's the entire point of putting it on the web. But your home's status, security, control of locks, lights, garage doors and thermostats, never mind still pictures and video taken inside and from the perimeter, should NEVER be exposed to faceless individuals and large corporations over which you have no control -- or even the ability to know what they may do with your information, either due to intrusion or by their own intentional acts.