I got me some Door sensors, they are Tuya WiFi Door/Window sensor:
It uses a phone app called Smart Life:
It sort of works fine.
BUT
it bugs me senseless how these IOT devices use some cloud service and tie you to this one app etc.
And in this particular case the SmartLife app shows me a great log of open/close events but provides no means to export this data for statistical analysis. As it happens, these are sensors on the doors of a street library and we want to collect stats on frequency of use, times of day, and more. But the out of the box offerings are not there for that.
So, I have these on a LAN with an Omnia as a gateway and it strikes me it should be eminently possible (with some ssl concerns on the table), given I know the MAC and IP of each switch, to log all the traffic from and to it on the Omnia. Further, to possibly process those logs then (a Python script) to produce a neat summary of open/close events.
Alas I don’t know quite where to start or if this is a pipe dream because of SSL comms (though surely as man in the middle it’s possible to decrypt even SSL? being privy to whole comms - though I fear it be complicated and again not out-of-the-box). But it remains a premise in any case that the device opens a SSL socket on some remote server and sends its open/close events.
Wondering if anyone is doing anything similar?
Or is this a case of having to find a way to reflash the firmware on these switches to use something open?
Thanks, have done a lot of reading in that direction and alas these door sensors underwent a chip technology change recently and the whole FOSS community hasn’t caught up yet. To work with Home Assistant you typically need to reflash the firmware to connect to Home Assistant and not the Tuya servers. Worse still Tuya don’t make that easy and OTA flashing is rarely possible with most people soldering wires onto the little PCB to achieve the end result.
The question I have mind you is a general one with many more applications. Basically watching traffic passing through the gateways and logging it. Would be very useful in many circumstances. Of course, may be confounded by SSL not sure (it’s a classic cat and mouse game, because SSL aims to make MITM sniffing impossible clearly and my gateway, albeit approved and mine, is a MITM).
That could allow you to sniff the traffic between the door sensor and tuya’s servers.
The one problem is that mitmproxy will generate an untrusted certificate chain, that the door sensor might not accept.
The reflashing route sounds better to me. You would be running a known good software and have control over where the data is being sent. Also, if that has already been validated and documented by the homeassistant community, you would not be embarking on an endless journey of reversing a protocol. Additionally: when tuya changes their API, which they did before, your solution will continue working.
Totally agree. Reflashing is the ideal. And I have played with mitmproxy before with no real success alas, but not in this application. Could try it.
Alas, reflashing is not an option until there is stable firmware for this new chipset. There is an initial cut I think but the reports are the batteries on the door sensors are flat in no time. The thing is the sensors are down and wake up on triggering for as long as it takes to send the signal and go down again thus extending battery life immensely.
The Omnia has Pakon though and it watches traffic if not content, but all the same it suggests it’s doable to at least log the traffic …
Thanks. Alas twice the price of Tuya. I have 4 of these on a family of street library doors for monitoring so they are also in public space, and risk theft/vandalism, whatever else, so even less incentive to double the price ($15x4 for the Tuya sensors, sunk cost) vs. $35x4 for the Shelly sensors at best price I can see.