Dear Andre,

I'm Gianpiero Morbello, serving as the Head of IOT and Ecosystem at Haier Europe.

 It's a pleasure to hear from you. We just received your email, and coincidentally, I was in the process of sending you a mail with a similar suggestion.

I want to emphasize Haier Europe's enthusiasm for supporting initiatives in the open world. Please note that our IOT vision revolves around a three-pillar strategy:

    achieving 100% connectivity for our appliances,
    opening our IOT infrastructure (we are aligned with Matter and extensively integrating third-party connections through APIs, and looking for any other opportunity it might be interesting),
    and the third pillar involves enhancing consumer value through the integration of various appliances and services, as an example we are pretty active in the energy management opening our platform to solution which are coming from energy providers.

Our strategy's cornerstone is the IOT platform and the HON app, introduced on AWS in 2020 with a focus on Privacy and Security by Design principles. We're delighted that our HON connected appliances and solutions have been well-received so the number of connected active consumers is growing day after day, with high level of satisfaction proven by the high rates we receive in the App stores.

Prioritizing the efficiency of HON functions when making AWS calls has been crucial, particularly in light of the notable increase in active users mentioned above. This focus enables us to effectively control costs.

Recently, we've observed a substantial increase in AWS calls attributed to your plugin, prompting the communication you previously received as standard protocol for our company, but as mentioned earlier, we are committed to transparency and keenly interested in collaborating with you not only to optimize your plugin in alignment with our cost control objectives, but also to cooperate in better serving your community.

I propose scheduling a call involving our IOT Technology department to address the issue comprehensively and respond to any questions both parties may have.

Hope to hear back from you soon.

Best regards

Gianpiero Morbello
Head of Brand & IOT
Haier Europe

If only they would have reached out this way the first time instead of a cease and desist, their brand getting dragged through the mud could have been avoided.

181 points

Well, how about having a local API and have no calls at all to your cloud infrastructure? Probably too easy and you cannot lock people into your ecosystem.

permalink
report
reply
76 points
*
Deleted by creator
permalink
report
parent
reply
94 points

As if I needed yet another reason to never ever own a Tesla.

My car has this crazy technology in it: You can stick the key in the door and twist and it’ll unlock. Even if the network is down or the battery is dead. Arcane, right?

permalink
report
parent
reply
24 points

Anyone buying a Tesla at this point either knows they’re buying a shit car purely for the status symbol, or they’re a rube. Fools and their money and all that

permalink
report
parent
reply
9 points
*
Deleted by creator
permalink
report
parent
reply
4 points

I will be driving my 03 1.8t 5mt Jetta into the ground, thank you very much.

permalink
report
parent
reply
3 points

The issue you are experiencing likely has nothing to do with the VPN. Network connectivity is not needed to unlock the car. I have been in places with no cell phone signal and it still works.

I do sometimes experience the same issue you are. If I wake up my phone, then it works. So it may be working for you not because you disabled the VPN, but because you woke up your phone and it then sent out the bluetooth signal to let the car know you were nearby.

permalink
report
parent
reply
2 points
*
Deleted by creator
permalink
report
parent
reply
3 points
*

Can’t you just put the key in? Do they even have physical keys?

permalink
report
parent
reply
3 points

The physical key is a smart card. The size of a credit card

permalink
report
parent
reply
2 points
*
Deleted by creator
permalink
report
parent
reply
2 points

I think it could definitely be possible to do locally, and I wouldn’t want a car where I have to connect to servers to connect to it. But I am also not sure I want a car that can be opened with a command on the car itself. The code to access your CAR being stored locally on the car itself, with no server side validation, does seem kinda scary. It’s one thing for someone to manage to get into your online login where you can change the password, it’s another for someone to literally be able to steal your car because they found a vulnerability. It being stored locally would mean people would reverse engineer it, they could potentially install a virus on your car to be able to gain access. Honestly, as a tech guy, I don’t trust computers enough to have it control my car.

permalink
report
parent
reply
3 points
*
Deleted by creator
permalink
report
parent
reply
1 point
*
Deleted by creator
permalink
report
parent
reply
18 points

Someone tell Gianpiero! You could save up to 20% on Amazon fees in just 5 minutes. Commit to a Local API today!

permalink
report
parent
reply
4 points

Probably more. Your app can use the local API then as well. And AWS is insanely expensive, especially if you forget to block log ingestion to Cloudwatch (ask me how I know).

permalink
report
parent
reply
1 point

I’m cynical so I assume they are turning a profit selling user data. So the lost money is not from AWS expenses but from not having installed apps to steal more data.

permalink
report
parent
reply
6 points

Yep people should only purchase things that don’t require the cloud. Local control is the best.

permalink
report
parent
reply
4 points

I’m glad the people with this device are getting traction on using it with their HA, but holy hell this is a complete non-starter for me and I cannot understand why they got it in the first place. There’s no climate automation I would ever want that is worth a spying device connected to the internet and a spying app installed on my phone.

permalink
report
parent
reply
3 points

Extend this to robot vacuums. I have no clue in hell why anyone would want their vacuum connecting to a cloud service that won’t be there in 2 years.

permalink
report
parent
reply
110 points

It’s damage control, they realised what they did was getting them bad PR since news of it started spreading so they are attempting to remedy the bad PR through damage control

Corporations only care about profits, not people

permalink
report
reply
78 points

Oh absolutely agree, but this is where they can use it.

The dev can say that they obviously need an official plugin, and work with them on that because now they have 1,800 clones of an unofficial one that may not be optimized.

We also get to know that our tiny HA community has hit a critical mass large enough to get a corpo to freak out a bit

permalink
report
parent
reply
15 points

I did my part and sent them a “do this and I’ll never buy a Haier product” email. Corporations exist to maximize profits. Communities like ours just have to learn how to make it clear to them that shutting us out will hurt their profitability.

I think we should all be really proud of ourselves. We banded together and, regardless of WHY Haier is doing this, got them to open a line of communication. This is a huge win!

permalink
report
parent
reply
4 points

Yup, sent an email and left a message, calling out Haier, GE, Fisher Paykel, etc as not on my list anymore due to this behavior.

I’ll call it a win when it’s fully resolved though.

permalink
report
parent
reply
28 points
*

Yes, it is damage control. That’s OK.

The whole point of spreading the word about an incident like this is to get public attention on it, and make the company realize that the way they’ve handled things was bad.

A letter like this indicates that they’ve realized they fucked up and they want to do things differently going forward. That doesn’t mean they’re suddenly trustworthy, but it does mean they can be negotiated with.

The correct response is to accept the offer of working together. We want to encourage companies to be cooperative and discourage insular, proprietary behavior. If you slap away the offered hand then you discourage future cooperation, and now you’re the roadblock to developing an open system.

When you start getting the results that you want, don’t respond with further hostility.

permalink
report
parent
reply
10 points

Exactly this. I understand the cynicism, but it ultimately doesn’t matter what the motivation of a company walking back a poor decision is. We take the chance for mutual collaboration and hopefully everyone benefits.

On an individual level, that’s when people can evaluate if they still want to boycott and do whatever their own moral compass demands. But refusing to work together at this point just means we definitely don’t get the chance in the future to steer things in a better direction.

permalink
report
parent
reply
7 points
*

And even if the cooperation doesn’t last, it’s an opportunity for the open source developers to work with the product engineers and get direct information from them right now. There’s nothing as valuable as talking to the guy that actually designed the thing, or the guy who can make changes to the product code.

Even if that relationship doesn’t hold long term, the information gathered in the short term will be useful.

If I were part of this project this is what I’d be going for. Push the company to give you direct contact with the relevant engineers, right now while the negative public opinion is fresh and they’re most willing to make concessions, and then get as much out of that contact as you can. Take them at their word, make them actually back it up, take advantage of the offer to cooperate. Sort the rest of it out later.

permalink
report
parent
reply
-1 points

Nope.

They’re on the ropes.

Keep pummeling them. There’s no integrity behind this, and going along will just let them get away with their bad behaviour.

They played the “We’ll sue your ass off” card first. That means it’s already in the legal realm, they never even triedto work with the OSS community, they basically said “fuck you” until the community replied, very clearly.

Had the community not responded by replicating the repo 1000+ times, and making a story about it, they would’ve continued down the path of slapping the little guy around.

They now realize they can’t compete with potentially 1000 people working on this, against them. They also fear they’ve pissed off some technophile who has some serious skills or connections. Wonder if they saw a sudden increase in probes on their internet interfaces.

Make it hurt. Let them be the cautionary tale.

permalink
report
parent
reply
70 points

Yeah, they can fuck off. When their opening salvo was threats and legal bluster, I don’t see why anyone should trust an alleged olive branch now. The right thing to do was not to send this email second.

I have to work with Haier in my business now as well ever since they bought GE. They’re a shitty company that goes back on their word constantly (at least within the B2B space), and nobody should be giving them one thin dime.

permalink
report
reply
37 points

Legal threats come from lawyers, while this email comes from an engineer.

permalink
report
parent
reply
18 points

… Which makes it even less credible legally.

Unless you’re getting C-suite level emails saying they’re not going to do it, don’t trust them.

And even then you should be ready to sue.

permalink
report
parent
reply
12 points

But a company is a sum of these (and other) people. In this case, it’s a draw at best, not a win.

permalink
report
parent
reply
5 points

Generally, an engineer wants their product to work well and work efficiently. They put effort into a product, and it feels good to see people benefit from that work. The ones making the decisions have money on their mind. If a FOSS version of their paid platform costs them too much money, they will shut it down. Not because it was the engineers decision, but because the one’s making the decision likely don’t even know what github is and just know it’s taking away that sweet subscription money.

permalink
report
parent
reply
1 point

So?

They both represent the company. The company came on strong all ban-hammery, the news flashed around, his repo got forked over a thousand times in a matter of hours.

Haier found themselves on the defensive suddenly, so they got one of their engineers to play nice.

They now know they have 300k users who are pissed at them. People are choosing other products over this already.

Fuck them. With a pineapple. Corporations aren’t people, I owe them no consideration, no courtesy, especially when they act like this.

permalink
report
parent
reply
26 points
*

Respectfully, I disagree. Yes, indeed this first message is PR damage control, but there is something to be gained here for the FOSS community.

This backtrack sends the message out, discouraging other companies with legal departments from trying the same trick else they risk sales. If a positive resolution comes out of this (A. Andre’s project becomes officially supported by Haier with more features whilst being more efficient with API calls, or B. Haier develops a local API option) then it shows other companies there is value in working together with the FOSS community rather than viewing them as an adversary or as competition to be eliminated.

permalink
report
parent
reply
4 points

Nah, this is Haier trying to save face. They saw how the story went, that the repo was forked a thousand times in a few hours. They know their engineering team can’t win, long term, against dedicated, pissed off geeks.

Would they play nice with you if the tables were reversed? No.

They already played the legal card, engaging with them at this point would be extremely naive.

Fuck them. Now is the time to pummel them even harder. Making them eat their words is what will send a message to the rest of the jackasses designing garbage and tracking us relentlessly for access to what should be trivial to engineer features.

permalink
report
parent
reply
69 points

Recently, we’ve observed a substantial increase in AWS calls attributed to your plugin, prompting the communication you previously received as standard protocol for our company, but as mentioned earlier, we are committed to transparency and keenly interested in collaborating with you not only to optimize your plugin in alignment with our cost control objectives,

i get it; their amazon account gets hit hard by some plugin data stream, they trace the source and kill it for monetary reasons. makes total sense. handled terrible, but still, i also completely understand getting some giant bill from amazon and freaking the fuck out.

permalink
report
reply
66 points

Sounds the solution is to allow users to not have to connect to the server in the first place and communicate across a local network.

Because they’ve probably killed more money from loss of sales through this stunt than they have from AWS fees.

permalink
report
parent
reply
30 points

I highly doubt it. Lemmy isn’t representative of the general population, and the general population has no idea what Home Assistant is.

permalink
report
parent
reply
12 points

The general population is very much influenced by the Home Assistant community since the Home Assistant Community is made up of people who are heavily into technology. My parents will run purchases in the tech world past me, as will many of my work colleagues and friends.

The general population are very interested in what we do, even if they do not do it themselves. I mentioned to a tech-phobic friend that I have sensors in my bath that notify me when my bath is run and he takes the piss out of me to my face then talks about how amazing such a thing is behind my back, I know because it happened yesterday. Who do you think he’s gonna talk to when he buys his next expensive appliance?

Don’t talk our influence down, we have an influence even if you can’t see it.

permalink
report
parent
reply
3 points

This news wasn’t limited to Lemmy, you know.

permalink
report
parent
reply
3 points

But you have to remember, that’s true for lost sales but it’s also true for API calls - only a small fraction of their user base is contributing to this high API usage

permalink
report
parent
reply
44 points

“We don’t know how to rate limit our API or set billing alarms in the AWS console.”

permalink
report
parent
reply
0 points

They likely due. However overhead cost is overhead cost

permalink
report
parent
reply
12 points

Yup exactly. They just need better responses than “get legal on the phone”

permalink
report
parent
reply
-6 points

Did you not read the letter you posted? It said a call with the IoT department.

permalink
report
parent
reply
17 points

Did you not read the linked issue? The first thing they did, before this letter, was sending a cease and desist

permalink
report
parent
reply
36 points

From the previous issue it sounds like the developer has proper legal representation, but in his place I wouldn’t even begin talking with Haier until they formally revoke the C&D, and provide enforceable assurances that they won’t sue in the future.

Also I don’t know what their margins are like, but even if this cost them an extra $1000 in AWS fees on top of what their official app would have cost them (I seriously doubt it would be that much unless their infrastructure is absolute bananas), then it would probably only be a single-digit number of sales that they would have needed to loose to come out worse off from this.

permalink
report
reply

Selfhosted

!selfhosted@lemmy.world

Create post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Community stats

  • 5.1K

    Monthly active users

  • 3.6K

    Posts

  • 81K

    Comments