Huge points for doing this onsite vs. in the cloud.
I'd want to audit the firmware, and would put it behind a firewall blocking outbound connections.
I'd like the ability to monitor a few sites, though -- not just my home, but also a storage/warehouse space, potentially an office, vacation home, parking spot, etc. Being able to monitor all of those in a single app would be awesome.
I'm willing to trust you with processed events (probably), just not raw data, and no silent auto-updates, and a network/deployment config which is at least relatively secure by default. (I know you could covert channel with a sneaky firmware feature I could never detect, but that would require effort. I trust the company to be honest a lot more than I trust them to be bug-free, so I just don't want "fail-open" to be a default.)
Yes, Point will perform all processing in the device and only send events with time stamps, as well as plain sensor readings for temperature/humidity/etc. It should be easy to verify by looking at the outbound bandwidth.
Limiting outbound connections w.r.t hosts, ports and bandwidth (even filtering out OTA firmware updates) should be possible (as we're not trying to hide what we do, only protect your data), but it might affect the performance and battery life of the device, and is not something we can endorse.
What'll be easier to hack - a raspberry pi that Holly Housemaker maintains or a cloud connected one that Nick Neckbeard maintains for her? (serious question, I think there's a debate here)
I'd want to audit the firmware, and would put it behind a firewall blocking outbound connections.
I'd like the ability to monitor a few sites, though -- not just my home, but also a storage/warehouse space, potentially an office, vacation home, parking spot, etc. Being able to monitor all of those in a single app would be awesome.
I'm willing to trust you with processed events (probably), just not raw data, and no silent auto-updates, and a network/deployment config which is at least relatively secure by default. (I know you could covert channel with a sneaky firmware feature I could never detect, but that would require effort. I trust the company to be honest a lot more than I trust them to be bug-free, so I just don't want "fail-open" to be a default.)