OctoEverywhere - Level Up Your 3D Printer

Quinn — Tue, 16 Jan 2024 18:30:33 +0000

Have a 3D printer? Have you tried OctoEverywhere? If not, you're missing out.

OctoEverywhere.com is a maker community project to empower the worldwide marker community with free and unlimited remote access, AI print failure detention, real-time print notification, live streaming, and more.

OctoEverywhere works with any 3D print from popular manufacturers like Prusa, Creality, Bambu Labs, and Elegoo - any printer running OctoPrint or Klipper is fully supported by OctoEverywhere!

Here are some of OctoEverywhere's top features:

🚀 Free And Unlimited Remote Access - OctoEverywhere empowers you with secure, private, and full access to your OctoPrint, Mainsail, or Fluidd web portal from anywhere. The remote access includes full frame rate and resolution webcam streaming!

🤖 Gadget - Free And Unlimited AI Print Failure Detection - Gadget is OctoEverywhere's AI failure detection assistant. The gadget will watch your prints in real time and detect many common 3D printing failures. Gadget will notify you or pause the print if a failure is detected so you don't waste time and filament.

📱 OctoPrint and Moonraker App Support - OctoEverywhere empowers the best community OctoPrint and Moonraker apps to work from anywhere. Apps like OctoApp, Mobileraker, OctoPod, Printoid, and more.

🔔 Real-Time Printer Notifications - OctoEverywhere's notification platform can send notifications about print failures, pauses, progress, completion, layer completion, and more. It's highly customizable and can send notifications to many popular endpoints like email, SMS, push notifications, Telegram, Discord, and more.

🎥 Print Live Streaming - OctoEverywhere's Live Links allow you to share a live stream of your print with real-time stats to your friends, family, or community.

Those are just some of the amazing features OctoEverywhere provides for the maker community. OctoEveywhere is beloved by the community, earning the number 1 plugin for OctoPrint, and has a 4.9/5.0-star rating on Trustpilot.

It only takes 30 seconds to set up OctoEverywhere, and no technical knowledge is required. What are you waiting for? Try it now!

Homeway - Free Remote Access For Home Assistant

Quinn — Fri, 05 Jan 2024 20:23:27 +0000

TL;DR

Nabu Casa, Home Assistant's built-in remote access service, has some fundamental security design issues. I wanted to build an alternative remote access solution so Home Assistant users have another choice. Homeway.io is a free, private, secure remote access project for self-hosted Home Assistant servers.

Homeway supports everything Nuba Casa offers. It enables remote access for the official Home Assistant App and supports Alexa and Google Assistant for secure and super-fast voice control of your home. Homeway is a community project for Home Assistant, built by the community for the community.

Nabu Casa Security Issues

I, like many of you, love Home Assistant. But when I signed up for Nuba Casa, Home Assistant's remote access cloud service, I was a little taken back by the security model. Nuba Casa exposes your local instance of Home Assistant to the public internet, which is a no-no.

Years ago, it was common to port forward locally running servers from your home LAN to the internet from your router. But as the security of the internet matured, it became clear that it was a bad idea. Many corporate and home security incidents resulted from direct internet access to internal-based services, like the famous issue with OctoPrint for 3D printers, where 5k instances of OctoPrint were found on the public internet with no auth.

Home Assistant is super powerful. It holds authentication keys for every home IOT system in your home, it can control critical pieces of your home's infrastructure, and it can even run root-level bash scripts with full unprotected access to your home's private LAN. Home Assistant is not something you want bad actors to get access to.

Nuba Casa justifies allowing public internet access to your private server by asserting it's secure due to the account-based auth that Home Assistant provides. But that's not sufficient for a few reasons:

Home Assistant has a huge API surface area, and ensuring all APIs stay behind the authentication is difficult. In March of 2023, a 10/10 critical security issue was found in Home Assitant that allowed full auth bypass.
Home Assistant doesn't enforce strong user account passwords and authentication. Home Assistant leaves the password generation up to the users, who are notoriously bad at picking strong passwords. Home Assistant does support an opt-in code-based 2-factor authentication but doesn't require it before enabling remote access.
Home Assistant has weak brute force prevention measures. Paired with the vulnerable user account auth above (weak passwords and no 2-factor auth), this makes it easy for an attacker to simply brute force your password and get full access. (brute forcing a password is merely guessing the password over and over until the correct password is found)

Doing a simple Shodan query, you can find 15k Home Assistant servers online right now, exposed to the public internet. Doing a Bing query for the remote URL used by Nabu Casa, you can find thousands of servers exposed directly to the public Internet by Nabu Casa.

There's a Better Way - Homeway

Homeway protects your self-hosted Home Assitant servers by not exposing them to the public internet. You must be logged into your Homeway account to access your Home Assistant server. Our Homeway accounts are protected by advanced authentication features, such as 2-factor auth, 3rd party login providers, and email-based auth challenges when logging in from a new IP.

Homeway has strong securityand privacycommitments. We don't store any of your data on our servers; no credentials, no Home Assistant web data, nothing. Since Homeway doesn't store any of your Home Assistant credentials, Homeway can't even access your Home Assistant server because it doesn't have the user credentials.

Homeway is built by the Home Assistant community for the Home Assistant community. We would love your feedback; please join the project and our Discord to contribute. 🥰

DEV Community: Quinn

OctoEverywhere - Level Up Your 3D Printer

Homeway - Free Remote Access For Home Assistant

TL;DR

Nabu Casa Security Issues

There's a Better Way - Homeway