#Security - Am I missing something?

Hi All. One of the strong points in the original design of HA was that it could all work locally. Further, by re-flashing devices one could ensure that no questionalble code was being executed. Currently, there seems to be no end of people making videos Etc that show one how to integrate various devices into HA. Many achieve this by using a third party App which asks one to enter their SSID and password. Doesn't this just throw away all security by putting those pieces of information in the public domain somewhere? I'm not an expert with any of this but rather confused. For example integrating Tuya Local has quite a complicated install. Has it compromised security by allowing a cloud based account to talk to a device? What about Ewelink, Broadlink, Shelly WebServer? How do other people gain access to these devices and still maintain the integrity of their credentials?

basically yes

most folks just buy new devices instead of the ones they see don't let them use local

There are different levels of integrations from fully local to fully cloud and in between

A lot of people simply don’t give a shit or are ignorant to security or privacy and just ‘wanna do cool shit’ so they’re okay with cloud options including Chinese clouds…

Security conscious people stick to zigbee, zwave, or Wi-Fi/Ethernet lan only options and then segment those IoT devices to their own ssid and vlan with firewall rules blocking them from reaching out WAN

Ok so Iook wistfully at all the devices and all the things the apps can do but steer clear. Isn't it the case that about 99.9% of devices are now made in .cn and even those that used to me DIY friendly are now becoming closed forcing one to have to use third party apps to use them or at least register to use them?

Well there’s a huge difference between made in china for a us company and made in china by a Chinese company for a us market

And if you’re buying devices that connect to a mesh that you control like zigbee or zwave then you have full control and it has no way to phone home

Idk what you mean by the last part

If you’re talking about flashing tuya devices with tasmota or esphome yes a lot of them are no longer using espressif chips so you can’t easily flash them with open source firmware

But that doesn’t really matter