by Ajedi32 223 days ago
I wasn't aware of that. One other concern I have with Matter is that, if I understand correctly, Thread+Matter devices get their own IP address with internet access, whereas with Zigbee all of that has to be controlled by the gateway.

In theory that's a win for Matter, but I'm a little concerned about the security and enshittification problems that might cause. I kinda like the idea that I can buy a cheap IoT lock off Temu and as long as my Zigbee gateway is secure there's very little chance of that decision coming back to bite me...

3 comments

Others have pointed out I might be wrong about this. See: https://news.ycombinator.com/item?id=45837052

Having network access is my primary concern. The protocol was developed by the largest adware companies on the planet...

I'm sure someone will chime in and say you can set up a VLAN and restrict all Matter devices from the internet yada yada...

You don't have to do that with Z-Wave or ZigBee. And with ESPHome you know exactly what the device is doing because you have 100% control over it.

This is, to me, one of the absolute biggest selling points for ZigBee and Z-Wave.

I can get some random, vendor I've never heard of, ZigBee sensor, and I know it won't do anything rogue on the internet because it doesn't have any way of getting to the internet.

Also, ZigBee is extremely power efficient compared to WiFi. With ZigBee, I don't mind putting a sensor in the crawlspace or somewhere a pain to get to. It won't need the batteries changed for a year or two anyway.

I know Matter can work over more efficient means than WiFi, but most of the cheaper devices I find are WiFi. A cheap ZigBee device is still ZigBee.

Many Matter products are running on Thread, which uses the same radio as Zigbee and has the same power savings.

Thread doesn't have an accessible IP address. It uses IPv6 and the ULA space which is non-routable.

As I said, my experience has been that the cheaper products run on WiFi. I also don't like that a product advertising "Matter" doesn't answer the question of whether it uses WiFi or not.

I much prefer that a $3 ZigBee temperature and humidity sensor definitely doesn't use WiFi rather than having to dig to see if a cheap Matter sensor uses WiFi.

I also much prefer the prices of ZigBee.

Is there anything preventing a Matter product from also requesting an IP address from your DHCP server and getting a route out to the internet?

Neither Matter nor Matter-over-Thread require Internet access.

We really should be yelling for advancements in simple-to-configure dedicated, restricted VLANs and SSIDs for IOT devices instead of yelling about how inappropriate we think that using IP is.

(Historically, IP wins in these conundrums anyway. IP has been a succession of grand successes for decades.

Resistance is futile. We should work to prepare for the eventuality of what is to come.)

> Neither Matter nor Matter-over-Thread require Internet access.

The protocols themselves might not, but as a warning to people looking for “Matter” as an indicator they can have local-only control, apparently the Matter spec doesn’t require local-only setup. I bought Honeywell’s new Matter thermostat and in order to get the QR code and keys you need to register it to a Matter controller, you first have to download their app and connect the thermostat to their cloud, so that you can get the keys from the app. So the Matter capabilities are still useless.

> We really should be yelling for advancements in simple-to-configure dedicated, restricted VLANs and SSIDs for IOT devices instead of yelling about how inappropriate we think that using IP is.

What is the lay of the land for typical consumers in this respect? Any products you've worked with or would recommend?

I've recently started with Home Assistant and have been adding devices to my single network. The ISP provided eero modem/router doesn't provide VLAN capability.

I don't use consumer off-the-shelf routers enough (these days) to know the lay of the land very well. But when I do get my hands on them (usually when a friend wants help with something), I do have a look through the config options just to see what functions they expose. And I don't see that kind of thing available in the configs of the stuff I've recently had my hands on.

In my own little world at home, I just use OpenWRT (on a now-old Raspberry Pi 4), Mikrotik access points, and with some random switches that grok 802.11q wherever they are useful. This has let me do whatever I've imagined wanting so far with VLANs, SSIDs, routing, firewalling, ...

And a person can also use a one-box solution running OpenWRT (the OpenWRT One is such a box) or Mikrotik's RouterOS (like their succinctly-named L009UiGS-2HaxD-IN).

But all of that is drifting pretty far from the concept I'd like to see, which is:

Person walks into Wal-Mart. Person buys a router, and some Matter wifi light bulbs. As a part of setting them up, they're walked through a simple process of making an isolated network for those light bulbs.

And we don't seem to be anywhere near there yet.

(And that may seem like a far-reaching goal to some, but similar things have been accomplished in the past. A router from Wal-Mart used to boot up out of the box and Just Work -- while providing a completely unfettered, unencrypted network named "linksys" or "NETGEAR" for anyone within earshot to participate in.

Things are no longer that way these days. Consumer routers have tended to provide secure-by-default wireless networks for a rather long time now. At least in that one little, important aspect of consumer goods, sanity did eventually prevail.)
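
Added example, not part of the thread: the comments above turn on whether a Thread/Matter device holds only a ULA address or a globally routable one, and this sketch audits that from a router's IPv6 neighbor table. The sample table is constructed (documentation prefix and documentation MAC range), and the `ip -6 neigh show` line layout and the `br-lan` interface name are assumptions about the router being checked.

```python
import ipaddress

# IPv6 scopes by prefix: RFC 4193 (ULA), RFC 4291 (link-local, global unicast).
ULA = ipaddress.ip_network("fc00::/7")
LINK_LOCAL = ipaddress.ip_network("fe80::/10")
GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")

# Constructed sample shaped like `ip -6 neigh show` output. 2001:db8::/32 is the
# documentation prefix, standing in here for an ISP-delegated global prefix.
SAMPLE_NEIGH = """\
fd12:3456:789a:1::5c dev br-lan lladdr 00:00:5e:00:53:01 REACHABLE
fe80::200:5eff:fe00:5301 dev br-lan lladdr 00:00:5e:00:53:01 STALE
2001:db8:10:20::77 dev br-lan lladdr 00:00:5e:00:53:02 REACHABLE
fd12:3456:789a:1::9 dev br-lan FAILED
"""

def scope(addr):
    """Classify one address by prefix; raises ValueError on junk input."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 6:
        return "ipv4"
    if ip in LINK_LOCAL:
        return "link-local"
    if ip in ULA:
        return "ula"
    if ip in GLOBAL_UNICAST:
        return "global"
    return "other"

def parse_neigh(text):
    """Return (address, mac) pairs; unresolved entries (no lladdr) are skipped."""
    pairs = []
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" not in fields:
            continue
        i = fields.index("lladdr")
        if i + 1 < len(fields):
            pairs.append((fields[0], fields[i + 1].lower()))
    return pairs

def audit(text):
    """Group address scopes per MAC and list MACs holding a global address."""
    scopes = {}
    for addr, mac in parse_neigh(text):
        try:
            scopes.setdefault(mac, set()).add(scope(addr))
        except ValueError:
            continue  # not an IP address; ignore the line
    flagged = sorted(mac for mac, seen in scopes.items() if "global" in seen)
    return scopes, flagged

if __name__ == "__main__":
    per_device, routable = audit(SAMPLE_NEIGH)
    for mac in sorted(per_device):
        print(mac, sorted(per_device[mac]), "<- global" if mac in routable else "")
```

This covers IPv6 scope only: a Wi-Fi device that takes an IPv4 DHCP lease reaches the internet through the router's NAT regardless, so outbound firewall rules still decide what it can talk to.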