
Logitech disables local access on Harmony Hubs, breaks automation systems - Deinos
https://arstechnica.com/gadgets/2018/12/logitech-firmware-update-breaks-locally-controlled-harmony-hub-systems/
======
all2
I am sad to see that Logitech has fallen into the business model of
technological churn.

I've found their devices (I've owned a few mice, a keyboard, some speaker
setups) to be durable, well designed, and comfortable to use. Their industrial
and UX design teams are top notch.

Somebody up the marketing side of the chain should do some math and figure out
how to not disenfranchise users. Maybe lock down unofficial APIs and require
authentication of devices (which legitimate users could do). Or something.
There are lots of options that don't involve pissing off satisfied customers.

But devolving into 'we want to sell new system X, let's brick some old
devices' is a great way to drive people away from a brand entirely.

~~~
philtar
What UX team?

Their Harmony software is atrocious. It feels like a badly designed flash
application.

G Hub is broken as hell. LGS is kind of OK but not going to win any UX awards.

Am I missing anything?

~~~
all2
I mean UX for their hardware. All of the stuff I've owned has been lovely to
use. I've not had to try any of their software.

------
TheBill
Google completely bricked their home hub, so on the bright side at least
Logitech users can still use the damn thing.

This reinforces my belief that unless there's officially supported API/CLI
access & the end user can control (should they opt to) the cadence of updates
- you don't own the hardware.

~~~
Wowfunhappy
> Unless there's officially supported API/CLI access & the end user can
> control (should they opt to) the cadence of updates - you don't own the
> hardware.

I would agree with a modified version of this statement. To own hardware, I
need the ability to control software update cadence _and_ be able to use the
device without connecting to an external server I don't control.

If an API or CLI interfaces with an external server in order to function, and
that server goes down, I just lost access to my device. By contrast, a GUI app
that operates entirely on my local network is never going to stop working.

------
skocznymroczny
That's why I never install any updates on IoT devices. They usually remove
features like that and you can never go back. I'd rather have my device
'insecure'.

------
thescriptkiddie
Shit, I just bought one of these, I wonder if it is too late to return it.
I've just about had it with all of these "smart" things that fail to live up
to the advertising and get worse with every firmware update.

~~~
com2kid
To be fair, it looks like they are closing off some security vulnerabilities,
and I'm hoping they wouldn't kick up this much of a PR nightmare unless the
security vulnerabilities were some type of horrific RCE.

They might advert this PR storm if this if they just document the
vulnerabilities that they fixed.

~~~
bahnburner
But this was a local API, so unless an attacker already had physical access to
your network there should be no way for the exploit to be utilized.

------
dade_
I was surprised there isn't a mature open source / hardware design, but maybe
everyone thought it wasn't worth the effort with local connectivity to their
Logitech Harmony. Maybe now is the time.

