this post was submitted on 23 Jun 2024
24 points (96.2% liked)

homeassistant

12015 readers
31 users here now

Home Assistant is open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. Available for free at home-assistant.io

founded 1 year ago
MODERATORS
 

Hey guys. Im running Home Assistant in docker container for few years and I'm super happy with it. The only way I access my server when not home is wireguard VPN. I noticed that I'm still receiving notifications even when not connected to VPN. I wonder how is that possible?

I don't have sub for HA Cloud or Nabu Casa. I also don't own a domain, using duckdns for wireguard connection and reverse proxy (npm). I thought I have 100% local setup, but I guess there is a Google or HA server in between. I don't want to disable the feature, I just want to know where is my data being sent

Thx

you are viewing a single comment's thread
view the rest of the comments
[–] dan@upvote.au 13 points 4 months ago* (last edited 4 months ago) (4 children)

Notifications go through Google Firebase servers. This is documented here: https://companion.home-assistant.io/docs/notifications/notification-details/. Your HA server sends the notification to Google, which then sends it to your phone. They don't store the notification they just relay it.

Most mobile apps do something like this. One reason is to improve battery life - your phone can have a single connection to a Google server instead of every app needing its own separate connection.

There used to be a way to use local notifications (meaning you have to be on the same network, either locally or via a VPN), but I can't find the setting any more so maybe it's gone now. (edit: this is still possible)

[–] comradegreetingcard@lemmy.ml 4 points 4 months ago* (last edited 4 months ago) (1 children)

Under the Companion app settings, select your server, then persistent connection

https://companion.home-assistant.io/docs/notifications/notification-local/

[–] dan@upvote.au 3 points 4 months ago

That's what I was thinking of! It's not in the settings section I'd expect it to be in (notifications) so I thought it wasn't doable any more.

[–] helenslunch@feddit.nl 3 points 4 months ago* (last edited 4 months ago) (2 children)

They don't store the notification they just relay it.

Yes they do

E: additional context

The data these two companies receive includes metadata, detailing which app received a notification and when, as well as the phone and associated Apple or Google account to which that notification was intended to be delivered. In certain instances, they also might also receive unencrypted content, which could range from backend directives for the app to the actual text displayed to a user in an app notification.

[–] dan@upvote.au 1 points 4 months ago* (last edited 4 months ago) (1 children)

I don't see anything in that article that says that Google store the contents of the notification. It just says that they link push tokens to emails, which is true - they have to know who to send the push notification to.

In any case, if you don't want Home Assistant notifications being relayed through Google, you can use a persistent connection so that the app connects directly to your Home Assistant server.

[–] helenslunch@feddit.nl 1 points 4 months ago

I don't see anything in that article that says that Google store the contents of the notification

Not sure how you think they hand over information they don't have?

[–] KairuByte@lemmy.dbzer0.com 1 points 4 months ago (1 children)

My friend, did you read what the article you linked says? That isn’t storing the data, that’s capturing the data and relaying it, as directed by court order.

[–] helenslunch@feddit.nl 0 points 4 months ago (2 children)

My guy, how is it you think they are capturing and relaying data that they haven't stored?

[–] KairuByte@lemmy.dbzer0.com 3 points 4 months ago (1 children)

Capture and relay have nothing to do with storage. You can absolutely add storage, but it is in no way a necessary step.

[–] helenslunch@feddit.nl 0 points 4 months ago (1 children)

I don't understand. How do you provide someone else with information you don't have?

[–] KairuByte@lemmy.dbzer0.com 3 points 4 months ago

Let’s say notifications are like walkie-talkies. You push a button, it sends an alert or your voice to the paired device. Neither one is storing the information, they are just relaying to each other. Now, in this case the government has issued a court order stating that a third party be given a walkie-talkie with the ability to understand the information transmitted by the first. There is still no storage being done, but a second party now receives all the information being broadcast.

It’s not about not having the information. You don’t actually need to store it anywhere to facilitate communication, at least beyond it being in memory which most would agree doesn’t constitute storage in this situation.

Now, could that third party store the information? Absolutely.

[–] tyler@programming.dev 2 points 4 months ago

I’m guessing you aren’t a programmer or network engineer, because a relay does not necessitate storing anything. Your router does not “store” your webpages when you go to a page on the internet. Something like mulvad vpn doesn’t store anything when using it.

[–] GreatAlbatross@feddit.uk 2 points 4 months ago (1 children)

It definitely threw me the first time I was out of the house.
I decided the best solution was just to limit alerts to non-sensitive things.
While I'm generally very big on privacy, I really don't give a monkeys if Apple/Google is relaying a message that says "Cat in garden!"

[–] dan@upvote.au 2 points 4 months ago

You can enable a persistent connection to get alerts directly without relaying them through Google, but then you need to have a connection to your Home Assistant server all the time (eg by using a VPN or by exposing it publicly)

[–] rambos@lemm.ee 1 points 4 months ago

Thank you. It makes sense now