--- tags: BlogPosts title: SIFIS-Home backstory --- # SIFIS-Home backstory This is highest level introduction to the key concepts behind SIFIS-Home ## Home IoT as 2021 Consumer can buy lots of connected devices, they provide interesting functionality and most if not of them provide means to control them from remote devices and integrate them within voice agents such as Amazon Alexa. ### The future is here You can control most of your home from your cellphone no matter where you are, at home you can just tell Alexa, or Siri, to do something and the agents will do that for you. But what could get wrong? ### Who owns what? A connected device is by definition a physical object that connects to a remote endpoint in order to fully function. You own the device, but you do **not** own the remote endpoint. The software inside your device more often than not is also in a gray area. If the company pushes a firmware update that [disables](https://www.classaction.org/news/sonos-docked-with-class-action-after-forced-phase-out-of-cr100-speaker-controller) some functionality there is little the user can do. If for some reason the endpoint is unreachable your device might still work with limited capabilities or not work at all, leaving people literally in the [cold](https://www.cbc.ca/news/science/nest-smart-home-problems-1.3410143). > Many times is unclear until **something unexpected** happen, what the user is entitled to and for how **long**. ### Who knows what? Connected devices may or may not rely on their remote endpoint to function, but quite often do share with them lots of data so the end-user can access it from their cellphones. There are many legislation to prevent misusing the data collected and stored, but if the remote endpoints are outside the reach of the countries that care, little can be done when something goes wrong. Bad actors can harvest sensitive information and use it as they see fit. Privacy invasion is bad, but actual home invasion is even worse. Criminals can easily figure out if nobody is home if they have access to the smart meters readings and plan accordingly. ## How can we do better ### Trustworthy devices Connected devices tend to be useful, but they are not **trustworthy** as they are now. The software in the device itself might have defects that could make it an hazard. The remote endpoint more often than not cannot be expected to stay up or to not misuse the information it receives from the device. Catastrophical failures are common and yet downplayed. The first pillar of SIFIS is making sure the end user is **aware** of the risks and has a way to mitigate them. ### Fault tolerant connected homes The SIFIS architecture tries to avoid single point of failures as much as it could. The smart devices within SIFIS should function even if their remote endpoints disappear and possibly maintain full functionality relying on in-house endpoints when needed. Seamless auto-reconfiguration is a first class concern. ### Your data is yours The end-user can have an easy way to have a smart home setup that does not rely on remote servers. The safest way to protect your data is to **never** share it to third parties. A SIFIS compliant device or application will provide a clear labeling so the users willing to share their data with a third party can do that, but those more concerned about their privacy will be able to avoid such devices and applications directly at the marketplace level. # Author [Luca Barbato](https://github.com/lu-zero) is a long time Open Source contributor, member of VideoLan, Gentoo, X.org and few other organizations. He is participating to SIFIS with his company Luminem SRLs.