submitted 1 week ago by Dave@lemmy.nz to c/homeassistant@lemmy.world

16 comments fedilink hide all child comments

This morning my kid asked the voice assistant to "Turn off the computers in this house".

I heard it, thought well that's a strange request but seems harmless because how is home assistant gonna turn off computers.

Me a little while later, "why is shit broken? What's happening!"

Turns out dumb me had adguard exposed to the voice assistant, it switched off all the adguard settings including the DNS rewriting that is the cornerstone of many of my self-hosted services.

I've since revoked that access.

top 16 comments

sorted by: hot top controversial new old

[-] dan@upvote.au 5 points 1 week ago* (last edited 1 week ago)

A while back, I saw a story in the Home Assistant Facebook group about someone's child saying "Hey Google, turn on everything" and it messing things up. I was telling the story to my wife and forgot to replace "Hey Google" with something Google wouldn't pick up on. Oops. It heard my "turn on everything" and chaos ensued. I have some Zigbee alarms that all started sounding. It enabled several different scenes and ran several scripts. All TVs turned on. My Xbox and Nvidia Shield were fighting for control of the TV (there's some issue with HDMI-CEC that I haven't figured out where if both are on, they get stuck in a loop changing the TV input between HDMI2 and HDMI3 about once per second).

Don't do that. "Turn off everything" is bad too. I ~~have~~ used to have my server rack plugged into a smart plug to measure power usage, and "turn off everything" turns that off. I want to figure out how to disable these two voice commands.

[-] Rin@lemm.ee 3 points 1 week ago

I just want to point out that i'd highly advise against plugging in your server rack to a smart socket. Those fuckers randomly cycle. Use them for things that are usually off.

[-] Tolookah@discuss.tchncs.de 2 points 1 week ago

Instead, use a UPS that has telemetry that you can read back. Bonus: it's a ups

[-] dan@upvote.au 0 points 1 week ago

I'm using a UPS now so I'll get rid of the smart plug. I've been using it for three years and haven't had issues with it cycling though.

[-] Rin@lemm.ee 0 points 1 week ago

What kind do you have? If they didn't cycle randomly, i might get some for myself :D

[-] Zanathos@lemmy.world 0 points 1 week ago

I have Meross smart plugs and they don't cycle unexpectedly. They do use older wifi chips though and my Meross garage door opener has issues staying connected for some reason . I've not had an issue with their power plugs though, been using them for 3-4 years as well.

[-] Rin@lemm.ee 0 points 1 week ago

Only issue with wifi plugs is that they want to call home otherwise won't connect :/

[-] Zanathos@lemmy.world 2 points 1 week ago

There is an HACS addon for Meross to make the calls all local. I haven't messed with it too much but it does work. The issue with my garage door opener is purely an issue with my Ubiquity setup and the fact it's connecting through an exterior wall.

[-] kolorafa@lemmy.world 1 points 1 week ago

In home assistant every entity has "assist" config, you can remove any entity from assist which in turn will prevent it from being included in "all" assist/voice target.

So you can have a plug for server without worry but need to remove it from assist.

[-] MoonRaven@feddit.nl 3 points 1 week ago

Might be a good idea to expose things through a reverse proxy if this is web interfaces. I have *.local.domain.nexus all pointed to my reverse proxy's internal ip address and the reverse proxy makes everything available through https.

[-] Dave@lemmy.nz 2 points 1 week ago

Everything is exposed through a reverse proxy. E.g. homeassistant.mydomain.nz

However, I have DNS rewriting set in Adguard that does *.mydomain.nz -> 192.168.1.XX

This means a) things don't need to go external if I'm at home, and b) I have many things only accessible internally, which rely on this otherwise they won't work at all.

It's all HTTPS, I just use a cloudflare integration in Traefik to do the Let's Encrypt validation for domains not accessible externally.

[-] AlternateRoute@lemmy.ca 2 points 1 week ago* (last edited 1 week ago)

I’ve since revoked that access.

A few releases ago they made it so you can DEFAULT new entities NOT to be controlled by the VA.. I cleared ALL entities and changed the setting. I only add things one at a time to voice control now.

SO many integrations ad switches it is a high risk to default the VA to have access to all new ones.

[-] Tja@programming.dev 2 points 1 week ago

It was DNS.

[-] Dave@lemmy.nz 1 points 1 week ago

Is it DNS?

[-] MangoPenguin@lemmy.blahaj.zone 1 points 1 week ago

That seems like a major bug if it thought DNS settings were a computer.

[-] Dave@lemmy.nz 2 points 1 week ago* (last edited 1 week ago)

It's an LLM that has access to run commands. It's a major bug by design 😅. But it does do a decent job if I keep tweaking after thing kind of thing happens.

Without the LLM you have to phrase things very specifically, or it will say it doesn't understand. With the LLM the kids can do things like ask for "the song that goes [lyrics here]" and it can play it. It's a very cool thing to play with, e.g. "can you tell me what the weather will be like today, phrased as a haiku", but it's full of traps as well. I have a "Home Assistant Voice Preview", the "Preview" bit is to make it clear this is not ready for the general public yet 🙂

P.S. if you're wondering, the weather today:

Showers grace the sky,
Rain will fall, then clear away,
Gentle winds will sigh.

this post was submitted on 18 May 2025

26 points (96.4% liked)

homeassistant

14340 readers

36 users here now

Home Assistant is open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. Available for free at home-assistant.io

founded 2 years ago

MODERATORS

GreatAlbatross@feddit.uk

greatalbatross@lemmy.world