[smokel]

> They're afraid someone else might create something of value, in part using their API, without them getting their own beaks wet in the process.

In most cases it's not about profit, but about having to invest serious amounts of effort to please one or two hackers, who will then DoS your API as soon as you've made a mistake.

[robertlagrant]

Indeed. The day to day compliance work will be very expensive, and in addition you would need to put a lot of money aside in case of a security flaw.

[xp84]

This is the kind of thing that they frequently hand-wavingly claim, however, 'compliance'? I'm not aware of any US garage door regulatory body.

These same companies have you click through 1000 pages of legalese (that thoroughly covers their butts) in order to use their own apps, which are probably more likely to be compromised than a public API, so I don't know why that would come with more liability.

[xp84]

Well, that certainly is the disingenuous corporate line. But the 'hackers' required nothing of Chamberlain -- what they built was already working, until they played a cat-and-mouse game to block them until the maintainer gave up. There are hundreds of companies that do support Home Assistant integrations or at least let them exist, and maintainers are always eager to fix any issue that comes up.

It's really not a dichotomy between aggressively blocking users from having any control over their own home, vs. some kind of imaginary concierge red carpet public API service that hijacks the company's product roadmap. The open source community will basically do 100% of the work for any firm which doesn't opt to actively sabotage.