52. Home Automation and Security Done Right

52. Home automation and security done right (and wrong) - with Stephan van Rooij

In this episode, we talk to Stephan van Rooij, an MVP in security, who writes stuff on Azure AD application security, mainly focused on multi-tenant applications. He founded Roostersync, the most popular product for synchronizing millions of items from different school timetable applications with Microsoft 365 calendars on a weekly basis. He likes to tinker with home automation devices and created several open source projects on this topic. We discuss sonos2mqtt, his most successful project with over 235,000 pulls from Docker Hub, and how you can use this in your home automation. We dive into the security side of home automation and the precautions he takes, such as splitting up his home network and monitoring DNS traffic to block tracking. This led to his discovery that his “smart” oven was sending requests to three domains every five minutes, namely; google.com, yandex.ru, and baidu.cn. Apparently, the manufacturer uses global infrastructure to test internet connectivity. Strange, to say the least. We continue with Stephan’s reasons for always using local control for his home automation devices. And his enthusiasm for Home Assistant, an open source home automation and privacy-oriented plpasswordless.

About this episode, and Stephan van Rooij in particular: you can find Stephan on X @svrooij & GitHub. You can read all his blogs on his website you can also find his blog there about, protection against certificate extraction. And, visit the website of FIRST the Tech Challenge.

About Betatalks: watch our podcastvideos and follow us on LinkedIn, Instagram and Bluesky.