How Home Assistant is being used to protect from missile and drone attacks
denysdovhan.comThe existence of this is fascinating and horrifying at the same time.
I wonder how he tests it though; when writing tons of YAML for K8s or Ansible, you usually test it in a test environment before putting it in production. Unlike the other cases though, a bug in your YAML here can literally lead people to lose their lives.
The term “battle tested” is used literally here
Made by the people from the trenches
The actual horrifying part is that this is more of a coping tool than a warning system, as its utility as the latter is limited even in Kyiv. If you are not at the point of accepting your fate, but have already given up on attempting to get to actual shelter, you can set this up and only hide from glass shrapnel for an hour when the cruise missiles and killer drones arrive instead of hiding for hours while they fly all over the country through the gaps of air defense.
For anywhere closer to the frontline than Kyiv this is almost completely useless. Travel time of even non-hypersonic ballistics, hell, even of glide bombs is so short you'd be listening to your alarm and the sound of explosions almost simultaneously.
Most of the stuff moved to UI already in home assistant and less than error prone compared the last
Welcome to the dystopian future timeline! It gets worse
To see some statistics about the number and duration of air alerts in all regions of Ukraine, including number of media-reported explosions by region and time period, check out https://alerts.in.ua/en, they have a statistical summary section there. Click the hourglass button on bottom of the screen, then filter by time period.
I work in statistics, and rarely do I wish for fewer data points...
The real question is why there isn't any official API that details the nature of the danger. You shouldn't have to scrape Telegram to figure out the type/speed of the air assault weapon, and the likely time on target.
BTW, also check out Kropyva, it's like Uber for artillery strikes. Very helpful with deleting Russians.
Any single API for this would be constantly attacked.
They're distributing the attack surface by using other services.
Let's not exaggerate. There are APIs that distribute the list of oblasts (regions) that are deemed to be under attack (for example https://alerts.com.ua/). The only problem is that you don't know if the attack is expected in 10 minutes, or 6 hours, and this is something that the military intelligence has, and could share with a small amount of effort. They effectively already share it via people running those channels.
Also, nothing stops you from redistributing the structured messages through multiple channels.
The problem is that you let the enemy know the detail of your intel. Using compartmentalization, they can locate leaks and determine how you are getting the intel.
As a military, you never want to give that away. Looking at WWII, the UK/US were able to decrypt messages daily from the Germans (thanks to Turing!), but they pretended they couldn't so the Germans wouldn't change their encryption scheme.
But they already share it, just in a messy format. No need to philosophise.
I'm not philosophising, this was literally my job in the military and worked with a number of analysts who worked on this sort of thing.
I see, but this military does share this very information.
They share enough information to be useful to the civilians but not enough information to show capabilities. If everything is automated, the enemy can subscribe to the automation and work out radar capabilities, response times, and accuracy. Those are all terrible things for an enemy to use and abuse.
This is a significant mistelling of the history of the German "Enigma" device. Significant usage of Enigma was done during the war in a manner that was secure enough to prohibit interception.
Turing's methods are brilliant as are the contributions of numerous other cryptographers. They relied on numerous operational failures of some branches of the military to be possible. So it was not from "the Germans", but from specific branches of the military that failed to follow already established best practices
I'm not sure what you mean. They used daily weather reports to decrypt the enigma for that day, so I'm not sure how that is an operational failure. If you know part of the cleartext, it's possible to brute-force any encryption given enough time.
https://www.accuweather.com/en/weather-news/how-british-cryp... gives a pretty decent summary.
Sure, but those known text attacks were made significantly easier by German operators using (and reusing) non-random and easily guessable encryption parameters. Once the keyspace became small enough to search, they were able to brute force the encryption.
You're mentioning one technique as if it was the comprehensive method of compromising the Enigma. It was not. The example you give would only work for the Kriegsmarine transmissions for example. The Luftwaffe had its own system with its own operational failings.
Not sure outsourcing it to a Russia affiliated messaging app is the best choice then.
What would you choose?
Not an easy questions as it depends what's popular in the local market, you need to be where the users are even if you don't like it in cases like this. Telegram also has a great bot API, which makes it a harder sell to use alternatives (Signal, WhatsApp) or open technology like Matrix, where it's only useful for people that like to play around with technology and not regular people.
The chief reason is decentralization.
Journalists who are updating these channels have their own sources in the Ukrainian air defense network as well as OSINTers who, for example, monitor Russian radio traffic using SDR, or even sometimes have people on the ground observing the take-off of planes in Russia and Belarus (horrifically dangerous, but there are ways to send this information somewhat safely; planes tend to be loud). If one of the journalists goes down for any reason, there will be other people writing updates. Each oblast also has their own channels where they announce attacks, some of them owned by the local administration, some by the emergency services. The air defenders themselves are a bit too busy to monitor and write this stuff; often, the best they can do is to write some short messages into a group chat or a Telegram bot before things go down, and even then, all parties involved have to balance providing an appropriate warning window with not letting the timing of this information to reveal the capabilities and locations of different kinds of Ukrainian observation stations. And this whole system has to be simple, since not every trained air defender is tech-savvy in general. Many don't know what an API even is. Many Ukrainians, too, wouldn't understand how to work with an API, but they can read the warnings in Telegram.
Also don't forget that the journalists who curate monitoring channels often also accept reports about the flight paths of missiles and drones from the general public, and while there are a couple of apps for that as well that send data from the phone's GPS and compass while the user is pointing the phone at the object, again, it's a matter of having several information channels that non-technical people can easily use. Even just writing to one of them that you just heard a cruise missile fly by, specifying your rough location, can be helpful, since radar coverage is not 100%. These messages then get relayed back to the people in the Ukrainian AA who are trying to intercept these things in real time.
Then there are the obvious security concerns, personal communications and group chat access can be vetted and it's hard to break the anonymity of Telegram channels from the outside to even be able to target the authors' devices with cyberattacks. While an API must be open to the world, and thus it immediately becomes a target.
It's a messy system but it works.
Kropyva is not available to the general public and it's very far from the capabilities of similar NATO systems, its strength lies in the fact that it's an Android app that can be used on cheap tablets, so it doesn't rely on the military-industrial complex provided hardware, which is safer and more robust, but far more expensive.
> it's like Uber for artillery strikes
...
> Home Assistant has a built-in Ukraine Alarm integration. It monitors the nation-wide system of air alarms and toggles safety sensors in HA.
I don't know anything about the HA community, but I would be very wary of any new commits impacting this plugin...
Considering they are running in thousands if not millions of homes, I hope they are anyway checking everything
I'm not sure what your implication is exactly regarding the HA community, but that aside;
I work in an industry that puts huge emphasis on the risks of software supply chain attacks; regardless of the community, in an ideal world, and in this situation, I too would be making sure any such code was very carefully reviewed by a trusted group of peers (including myself) and using signatures et al to ensure everyone is "getting what they paid for", so to speak.
This might not be relied on to the extent people's lives depend on it, but if it's important enough to use, it's important enough to be sure.
All of that said, it's easy enough for me to say when there isn't such a terrifying list of munitions raining down on my home when I'm trying to get some rest, so a simple step such as "not updating from a known-good configuration" might be enough.
The fact that this exists is at he same time chilling and inspiring.
I didn't think I'd ever read a programming tutorial on string matching Tu-95 take-offs and Kalibr launches in anything but a fictional setting, holy shit it feels so surreal. Like a modding guide for Cold Waters or something.
Fascinating use of HomeAssistant. He mentioned uptime monitor in the next section - I wonder what he uses to ensure it stays online? I would guess some sort of UPS or battery backup.
Most of us have something in place since the winter of 2022 when the power outages were systematic due to russian strikes on civilians and infrastructure, amplified by lack of air defence. Most of us needed to work though so some got UPS, EcoFlows, generators, solar systems, even DIY batteries if the budget is low. This year it's more of the same.
What DIY batteries? Have you considered the new sodium/aluminum battery type? I am wondering if that battery could be easy to DIY because sodium and aluminum are cheap and available.
DIY batteries here are usually battery banks assembled from Chinese LiFePo4 cells, plus a Chinese BMS.
I imagine UPS are necessary anyways in Ukraine since the power grid is getting constantly attacked.
Using technology to improve lives is one thing, but using technology to survive missile attacks is just another level. Sometime I ask myself, will humans ever stop wars once and forever.
I don't think that would be stable. No war means losing the ability to fight which means eventually it'll be easy enough for just one small group to attack somebody much bigger but weaker.
If war is solved by all attacked countries surrendering immediately so one aggressor rules the world, I'm sure factions would emerge within it who are competing for power again.
Maybe a solution could come from some defensive technology permanently outperforming offensive technology? I think people would still find a way and the wars might be or begin by psychologically changing people's allegiances.
The risk of war between sacramento and san fransisco is zero. I don’t see why we can’t make that true for the world over one day.
How about between Florida and New York? Or cities in red states vs their state government? It’s not zero anymore, especially when politicians challenging federal authority (eg Texas with border control) in obviously illegal ways.
We have numerous examples - Jan 6th, the Bundy standoffs, Oklahoma City, the Black Wall Street bombings - the risk isn’t zero.
That's because there's a common government that's more powerful than both of them and will stop any such war. But that common government still has to maintain its power with an army that can function.
Obviously civil wars happen all the time in places where there isn't a single powerful enough government to keep them suppressed.
Maybe you want one world government or a military alliance that includes every country and they all fight against any local wars no matter what. But what happens if some big enough group feels (or is) oppressed by that government and tries to fight it? Oppression by the majority forever is better than independence for anyone?
It's zero now. But if they ever find themselves in distinct nations then the odds will change.
wars inside a single US city can be quite common, typically over “turf”
Humans are naturally inclined towards war or conflict. It’s our fatal flaw.
Seems to be just a few bad eggs that fuck it up for the rest of us. Everyone I know just wants to get along with their lives, deal with their own problems.
>fatal flaw
Enjoy your freedoms: paid for in blood.
>fatal flaw
Enjoy your freedoms: paid for in blood.
> will humans ever stop wars once and forever
This is an overly broad and philosophical question. It's positioned far away. We could all get together for a cup of coffee and discuss this topic for ages.
A more grounded and practical question would be: why didn't Biden stop the war?
Now we're talking! One should expect lots of contradictory opinions, quite some hostility, a couple of MTG-like personalities with followers and of course this one specific comment downvoted to hell.
But see, that's exactly the point: opinions vastly differ on the same subject depending on whether the situation is a hypothetical one far away or a physical reality.
Telegram and its channels has been such a life saver for many, and a huge resource for the press as well. It is interesting how it is used here.
I bet Russia state actors would pay a lot to controls or infiltrate those channels.
That’s wild. The amount of stress dealing with these attacks at any time of the day/night would likely age me by a decade. Then still expect to grind at work in a few hours or the following day.
It is wild, has been since Feb 2022, it's also "the new normal" we really want to get out of. (Not desperately enough to give in tho). Also keep in mind that this is only one of the stressors associated with war. Others include hearing about civilian casualties every week, reading and hearing horror stories from people who escaped occupation or were liberated (e.g. Bucha, Kherson...), learning about friends and acquaintances falling in battle, military draft, uncertain, but likely dire future prospects and the list goes on. So yeah, days go like years. Don't repeat our mistakes and write to your representatives.
Inspiring and horrifying, in equal measure. When is the west going to understand that Putin respects only strength and grow a pair? We should be giving the Ukrainians everything they need. It is the right thing to do. But it is also the military bargain of the century - the Ukranians can continue to decimate the Russian Army and NATO doesn't have to lose a single soldier.
Or we can let the Russians win and have to deal with millions of Ukranian refugees. Probably followed by Russia attacking another country.
It's 2024, instead of riding our personal spaceships to habitat on Mars, we use Home Assistant software to alert us about incoming missile attacks.
War is the single most unproductive activity humans can do. Sure, maybe Putin has his rationale, but spiting on a cake is never how one can secure the cake for themself, because guess what, others can also spit on it and then the cake is ruined. A greater leader knows that the only way to really solve a problem is to do something that adds (instead of removes) value, sadly some leaders never care to learn it.
Rant aside, I want to ask a question: based on the article, it seemed that the system requires Telegram (thus Internet) and open source intel to work. Is it possible to make the system self-sustained? Is it physically possible to detect imminent attack based on soundwave/light signals? Because after the war started, Internet access maybe a difficult privilege.
> Because after the war started, Internet access maybe a difficult privilege.
? The war is on and people are continuing to use the internet.
> Is it physically possible to detect imminent attack based on soundwave/light signals?
You cannot hear a hypersonic missile coming. Horizons prevent you seeing it. You need to listen to the AWACS https://www.cbc.ca/news/world/flying-with-nato-awacs-1.66194...
> Is it physically possible to detect imminent attack
Yes. Air defense does this pretty consistently.
And then what? We (Ukrainians) have lost some components of the PATRIOT air defense system because we were out of interceptors. Imagine being an air defender on duty on the best hardware in the world, facing the missile incoming and being incapable of doing shit because you're empty because of... democracy. The very thing being protected right now from that specific missile.
Nice to see people able to use tech to help reduce/manage their stress/trauma in such horrific situations.
Good point about telegram. As much local control as possible is desirable. Do the text to speech interfaces work offline with the chosen devices ? If so, I’ll likely have a play.
I have a project that might be able to help with your situation. A Raspberry Pi based sound localization system. It’s very accurate. Last weekend I localized an explosion (fireworks) to within 20m from the actual location with 4 recorders. two of which were 3km from each other.
Unlike most ARUs (autonomous recording units) which are based on microcontrollers and need post processing to determine an event start time, the Pi system could be used as the basis for a real time localization system as the system times is sub microsecond accurate.
With likely a small amount of new development and co-operation with your friends you could be alerted in real time when artillery or gunfire is getting close to you. Along with a map location of where it was fired from
My license forbids government use (attaching consequences to the small developer unfriendly cyber resilience act that is stealing from small developers and giving to rich ones) but personal civilian use is just fine.
https://github.com/hcfman/sbts-aru
(PS. I agree on with the sentiments of the above authors about war. It’s sad that our governments instead of putting everything into driving to peace are spending our future climate change defence money on destruction and they are gunning for it with an insane appetite)
> War is the single most unproductive activity humans can do.
Let's wait a few decades and see the results of global warming, shall we?
Not sure what you're trying to say. Global warming is a human activity, global warming is unproductive, global warming is caused by one human activity, that activity is unproductive?
Not sure if you are writing this in good faith or not, but let me assume you are:
The parent said "War is the single most unproductive activity humans can do", without giving much details about a metric (it is very productive if your business is to build weapons, but counter-productive if your business is to save lives).
But assuming that the metric was something along the lines of "doing good for society", then global warming is a lot more counter-productive than wars. Global warming and wars are the result of human activities (in case that was not clear).
So yeah, we would certainly save more human lives by keeping our wars (I mean, without nuking the whole planet) but working all together to reduce the impact of global warming. Meaning that IMHO, "war is NOT the single most unproductive activity humans can do". Not that it is good, quite obviously.
Does that answer your question?
Mobile operators have added microphones to 4G cell towers throughout Ukraine to triangulate suspicious sounds.
Starlinks provide decentralized access to the Internet both on the frontline and back in the rear. Together with batteries, solar panels, and petrol/natgas/diesel generators, they can be relied on to provide 24/7 Internet access for a while even if something happens to the ISPs. Lots of people now have them even though they are a bit expensive, and the Ukrainian government had also set up a network of locations where civilians can gather to warm up, charge their devices, and send messages over Starlink, in the worst-case scenario of a major infrastructure breakdown.
More broadly, it's harder than it seems to knock out both the entire backbone of the Ukrainian Internet network and the backbone of the mobile carriers, at once. It's easier to target the power stations. Even then, it is possible to get at least some power as long as the fossil fuel logistics are maintained. A 180W solar panel that costs around $100 can, in decent weather, provide enough power to charge a phone and power a Starlink. So power is a major problem, but it also has solutions.
Some of the telegram channels are government run, so it's not just open source intel
Of course it would be possible to detect these things yourself, you would just need an extensive radar network covering 600k km2 of Ukraine, and as much of Russia as you can. You'll need quite a variety of systems to detect both hypersonic missiles and slow low flying drones.
>spiting on a cake is never how one can secure the cake for themself,
Not sure the analogy holds, Putin got a slice for himself and spits on the rest.
> War is the single most unproductive activity humans can do.
This war is a conflict about values; conflicting sides think human lives are worth sacrificing for the values let alone economical output.
> War is the single most unproductive activity humans can do.
I think I totally disagree with this. So many inventions have been the result of war, even outside of WW2/the Cold War.
For example, what would Israel look like today if there was no threat of since its founding? I doubt it would be anywhere near as advanced as it is today.
War is terrible, and I'm not advocating for it, but I don't think you could necessarily say it's unproductive.
> War is the single most unproductive activity humans can do
https://science.howstuffworks.com/war-drive-technological-ad...
war leads to technological progress. peace leads to kerfuffles over pronouns.
Directed with unerring accuracy by Moscow specifically to seed discord and division.
The idea that this the inevitable direction of peace ignores the fact that the rise of the so-called culture war is part of an asymmetric conflict.
This is just the same old disproven "hard times lead to strong men, strong men lead to good times, good times lead to weak men, weak men lead to hard times" nonsense.
If you paid any attention to what the talking heads driving the culture war discourse in the US have openly said about what they have been doing, it's obvious that the "culture war" is about as much the fault of progressives as the Ukraine war is the fault of Ukraine. "DEI" and "wokism" is just the current designated battleground after drag queens, "CRT", "BLM" and masks/vaccines. The goal is to frame non-issues as apocalyptic imminent threats in order to create political momentum for otherwise unpopular politics of rolling back civil justice advancements (e.g. gay rights, reproductive rights, Black rights, women's rights).
War does not lead to technological progress. War accelerates technological progress. A majority of groundbreaking research happens outside the private sector and war economies usually see more direct state control of the economy and more state involvement in R&D, supported by heavy public spending. If you want to take a lesson from war driving technological progress, you could just do this in peace times.
It sounds like the peace time decadence is not kerfuffles over pronouns but entertaining a privatized economy concerned more with ROI for investors than contributing to a shared public effort.
> If you want to take a lesson from war driving technological progress, you could just do this in peace times.
that's exactly the point though. unless we're threatened with annihilation, or at least loss of access to valuable resources, we as humans don't seem very good at this kind of thing. we'd rather spend it on corruption, bullshit jobs, vanity projects, etc.
Not at all. I think you've confused the word "progression" with "desperation".
Killing is the most basic instinct of animals, a dog can do that if aggravated enough. In fact, a stupid strong dog can be much more violent than a smart strong dog. It's not anything advanced, really. So as war, which is just a form of mass killings.
Peace, on the other hand, is more advanced. It takes a lot effort, maneuver, calculations and compromise to make it happen.
Technological progress will happen (if not happen in a better way) without war, it could be driven by market, or people's wish etc.
War makes people desperate, so they wish to have something to keep them safe immediately, including methods/tools that makes them good at killing (formally called "Defense"). That's why we humans figured out how to build nuclear bombs BEFORE nuclear power stations.
There are also countless example on how wars halted progress. Do you know how many scientists lost their lives because of wars? How many regular people and their potentials gets destroyed because of wars? And how high the reparation could cost to repair what's lost the wars?
All and all, calling "war leads to progress" is a complete void-filled nonsensical bullshit. Kerfuffles, if keeps people safe to enjoy their lives, is way more productive than that.
What a humanity fail that stuff like this is happening.