What could Matter and Thread imply for the private connected home?

published Nov 16, 2022

Free software users and privacy advocates have questions. This post is currently strictly speculation and will be updated as time goes by.

The State of the Open Home has been recently published.  It's a fascinating watch that contains a long list of improvements for those who want open — yet private — homes.  Most of the State talk is actually amazing (minus the "musical interlude", let's call it that).

There is, however, an alarming bit for those listening keenly to what's being said.  Without further ado:

Let me partially transcribe:

"When we roll out Matter, we will support Thread through, basically, Apple and Google... it will be on their Thread network... and we can, actually, talk to these devices..."

Huh.  That seems concerning.  Matter/Thread devices can be bound to (and obey) multiple master devices,  so they would have the possibility of having multiple things controlling them.  That's not a bad thing in principle; however, on the proposed pairing model alone, this would leave you with at the very least one master, alone, a bunch of strangers controlling your device, outside your own home.  Home Assistant can directly talk to these devices — nice! — but can Home Assistant prevent interlopers (such as Google or Apple) talking to these devices?

How?

It looks like the answer is no.  Matter devices would — by statement of the main devs themselves —  not be able to be onboarded directly onto Home Assistant (unlike the norm regarding all Z-Wave and ZigBee users who adopted Home Assistant).   According to the conversation in the video, you can supposedly talk to "your" Matter/Thread devices privately and entirely in your local network, but (keen minds want to know) "it's their (whose?) network" nonetheless — not yours — and, local or not, the jury's out on whether you can usefully firewall those gizmos off the Internet using IP technology like iptables, to prevent covert and unauthorized conversations with interlopers.

Either way, even if you can control devices locally, initial device onboarding seems to be a problem.  The future State of the Open Home at minute 27 or so, is pretty depressing.  "Open"?  To whom?  To Google and Apple?  Sigh.  Can you onboard devices without them?  The answer to that question is pretty much left floating in the air.  Maybe some reverse engineering is in order to talk to the junk you and I bought so enthusiastically... but didn't we already do this for like ten thousand integrations that work well already?  If I told you that you can open "your" beer bottle, but only if you call The Coca-Cola Company to bring a bottle opener guy with an actual bottle opener – would you say you own your alleged bottle beer?  Could I even say "I opened your beer bottle"?

Maybe you will own nothing?  Hopefully at least you can remote-control what you don't own...  It's clear the tendency is, you will own nothing, as the scope of things you can do without approval from one of a few megacorps (all under control or surveillance of the United States Government)... but you are certainly allowed to pointlessly bitch by voice at your devices, and hopefully they will obey some of your commands.  Hell, at least one of these corporations will spend a fraction of a million CPU cycles to bitch back at you for free.

I have to ask: did nobody in the Matter and Thread spec groups think about commissioning without Internet access?  Or is the Matter assessment by the Home Assistant leads based on a narrow view of how the ecosystem is supposed to work?  The last time they spoke about this, they explicitly mentioned that a Matter device could be bound to multiple hubs / controllers — which is a good thing! — but at no point did they even insinuate that Matter devices sorta were gonna require megacorp onboarding before use.

Based on the answers we get from the State of the Open Home, and publicly-available documents, whether you can use future new Matter devices seems to be a trick question for the open and private home dweller.  Matter's network and onboarding process appear to require IP at some level, and they require linked command & control at another level.  That means less privacy and sovereignity than Z-Wave and ZigBee, right out of the gate.  Whether I am right or wrong about this specific claim, it's hard to deny that the specs seem outlined (very cynically) to sideline open systems like Home Assistant.

Hard to believe this state of affairs is accidental.  I know Apple and Google thought inside the box.  Button push to enlist your newly-purchased device into your home army?  LOL.  Ha!  No way!  That's the old way.  Why doesn't your device just trust us?  There are royalties to be earned!

I understand.  When I worked at Google, I also thought the same way.  Why can't the world revolve around our amazing ways to solve problems... that few others have, and make the world dependent on us?  Maybe that's why my compensation was so off the charts.

Who would have guessed that such abstract concepts like your computing or your domestic sovereignty were so lucrative?

Dear reader — if I have made a factual mistake here, or you have comments, please don't hesitate to log them here in the comments area.