Itead ewelink Cloud security

Has anyone else considered the security implications of having our devices controllable via a system that operates in a foreign country where government access to the system is required by law?
This question is also applicable to household solar inverters, these can easily be cloud controlled, on/off by a simple common setting change.
Think about that, mega/giga watts of power gone in an instant.
Our regulators seem to be ignoring this question, just stupid or what.

Then don’t use devices that operate largely on the cloud… Sonoff. :slight_smile:

Unfortunately, the cloud has only one advantage - the convenience of using devices without having to run a local server. We had an example of how dangerous this solution is when the RF Bridge scenes failed. In my summer house, after one signal from the motion sensor, the alarm was turned off, the lights were turned on, the heating was turned on, etc., and I was several kilometers away and I was wondering if a nuclear bomb had fallen there when I received these notifications on my phone :wink: I have the impression that the creators of these devices, in order to provide us with new functionalities, do not care at all about the security of control via the cloud. Maybe they should at least warn that “use at your own risk”? But then how do you justify paying for the advanced plan…?

Thanks Morgan VERY logical, my mistake, I compounded it by buying the ihost product. It would be a solution if it was fully developed as per the descriptions.

It was an unpleasant situation! But it was a technical error rather than a hack into the ewelink environment… at least that’s how it looks officially.

In general, relying on a security solution that requires access to the Internet and a working cloud to be fully operational is very risky and not only because of the cloud’s security but also because of the Internet access itself, sometimes network problems may occur and suddenly our solution becomes unusable.

For this reason, it is important to be able to fully control/operate such an environment locally on our LAN.
This is the concept of iHost (cube), but at the moment it is imho a very early beta with a lot of problems. Moreover, the price is too high considering what it offers. I would prefer to host CUBE myself, but currently this is not possible.

Another problem when we talk about Sonoff devices is the RF433 and WiFi versions… Without iHost, their full use when we are offline is impossible. Yes, many devices have LAN mode, but it is not enough because there are no local scenes, which destroys the automation based on ewelink.

For example, DW2-WiFI becomes useless without the Internet. RF433 devices lose automation because there are no local scenes for them despite LAN mode.

I really regret that there is no small software solution for self-hosting that would provide local scenes for such devices.

If there were local scenes, it would be possible to limit the situation that occurred recently regarding RF433. Block access to the Internet and rely only on LAN mode, then such a situation would not occur because the cloud malfunction would not affect our systems.

Yes I saw the mention of that fiasco, prompted me to make a comment, I really find it amazing our regulators are ignoring this subject.
Time to start learning a little programming, hopefully my Sonoff devices can be modified or learn enough to operate them only with local LAN control feature.

Thanks Morgan, you are so correct.

I do not really have the coding expertise, but will be able to learn enough to mod my devices, or scrap them and start over with a local LAN setup.
My control requirements can not live with this fragile environment.
Given the obvious skills in China I am surprised how messy, not the right word, the development of these products has been, not just itead but seeed and peacefair. Great companies, probably doing very nicely, but could be so much better. Thanks for your observations, appreciated.

They ignore it because they would have to say that connecting our smart home to their cloud is like throwing the keys out the window in the hope that someone will take care of them :wink: Such transfer of control over one’s property is now common because, for example, where is our money? Nobody knows, all we need is an electronic record of our account balance and some plastic in our pockets :slight_smile: However, banks are not anonymous institutions and are subject to many legal regulations that justify our trust, and what is ITEAD?
I tormented ChatGPT for half an hour asking who owned this company and finally he said he didn’t know :)))

Hmmm
My favourite AI at the moment pi. No help. :slight_smile:

Do you have any idea who owns the Chinese product company itead studio

I’ve heard of itead studio - they’re a Chinese company that produces home automation and smart home products like the Sonoff smart switch. As far as I can tell, the ownership of the company isn’t publicly disclosed, so it’s difficult to say exactly who owns it. However, based on its products and the fact that it’s headquartered in Shenzhen, it’s likely that it’s owned by a Chinese company or individual. It’s also possible that it’s a subsidiary of a larger company, but that’s just speculation on my part!

In my country they say in a hopeless situation: “You can’t break a wall with your head”, I guess now we won’t break the Great Wall with our head to find out who owns this business :wink:

There is. You just need to run Home Assistant and install the official Sonoff integration. That requires just the cost of an old Raspberry Pi, an SD card and a power supply for it. I used to run it on a 3B but I’d recommend a 3B+ so that you can choose to boot from USB. Obviously there needs to be somewhere locally for the scene to be run in. Alternatively you just need an iHost, NS Panel Pro (I think) or a Zigbee Bridge Pro (for Zigbee scenes).

The iHost has lots of quirks and the onboarding process sucks, so it appears worse than it is. Once you get used to it it’s just like a more basic Home Assistant with matter bridging (simple devices currently).

As regards cloud security they should enable multiple factor authentication but I’ve suggested that before. Not living in the USA I’m used to cloud stuff not being in my country. I’d actually prefer data to be kept in China than the USA if I had to pick. Obviously neither would be best but I most definitely would not want even more of it in the USA. They already have my Google, Apple, WhatsApp, X and Amazon already for the FBI and NSA to demand.

The government probably has some percent of control through the intelligence agency, even Jack Ma couldn’t disobey the party’s orders. Even Apple does what they are told… If you are a foreigner and you set up a company in China, 50% of the ownership belongs to the Chinese government from the first minute.

https://twitter.com/freezingxie

@Alexie :slight_smile:

I am aware of this, but this way we can step by step into the darkness…
First HA, then flash the firmware, and we get to the main question, maybe another brand.

The point here is that such functionalities should be native to the product and not through combination.

I recently checked the official ewelink plugin for Sonoff for HA again and I was very dissatisfied. No scenes, devices operating in LAN mode with problems with updating the device status in the panel.

No need to flash the firmware. You just install Home Assistant and then the Sonoff integration.

Yes HA seems to come up often as the fix for local control, you are probably right.
But, like you said, once you get used to it. I am a little tired of the learning curves, (45 years of them) finding when you arrive the result is still not well designed.
Ewelink a case in point, I asked for a few logical fixes way back, they slowly provided some but com was so bad I gave up trying to explain more.
Cast should be the answer, imo, why can’t it be local and cover all products, seriously, why not.
Give up on the mess of sw products! Get one thing right.
My recent experience with Sensibo’s AC product proves there are coders who know what they’re doing out there, combining BT and Wifi brilliantly, actually maybe it’s managers.
Brilliant coders are a must, but other sensible voices in the group are critical. Another couple of sw products getting smart are Amber electric and Powerpal again combining BT and Wifi. (Yes I know there are more)
Please excuse my dumbness on the tech talk. I am naturally a critical skeptic, on everything, but I know from results, I am right.
Fix it now or forget it, this mishmash is and will always be junk.
Stop and think.
They are too late for me, but maybe not for the future of their business.

Re governments, you are right, tough to trust anyone, recent research shows even the simplest dumbest propaganda works, our thoughts and ideas are not actually ours, regardless of how smart we think you are.

Didn’t bother to read that after the previous post was so littered with nonsense. It works over local and it says this in the first paragraph of the Sonoff website page. And Home Assistant has automations, scenes and scripts to replicate everything that eWeLink does and more. Quite why anyone would want to replicate everything is beyond me.

Thanks for your contribution.

I am aware that it is not necessary to do this…

If Home Assistant was a cure for all Sonoff’s diseases, iHost (cube) would not be created. In addition, HA is not an off-the-shelf solution for non-technical people, it may pose a small problem if we compare it with ewelink.

This is not about the fact that someone can use HA, but that the manufacturer should immediately provide better support for its products.

Agree, but must add, my software genius friend, I know a couple, tells me we are being a little harsh.
Annoying when his track record proves he could totally fix it, on his own, in a couple of weeks/months.

Given the abuse here, probably an academic with a cv full of talk and little useful action, I am not sure this place is worth any more time.
Some of us know what is acceptable and will keep looking and asking for it.
Don’t give up, ever.