> ...looks like they reverse-engineered the Nest thermostat and wrote a firmware...
Not to diminish what this project has done, but they modified existing firmware to make it communicate with a different server. They've also implemented a server for the thermostat API.
It's pretty neat but, at this point, it's just a hacked firmware that talks to a different proprietary server.
Edit: It's not even a modification to the firmware binaries. They're just injecting /etc/hosts entries into the firmware[0]. If the Nest device just uses DNS to resolve these names, then you wouldn't even need to modify the firmware -- just point it at a DNS server that's authoritative for the necessary names.
[0] https://github.com/codykociemba/NoLongerEvil-Thermostat/issu...
Piling on to my comment here: They're using an exploit to get access to the filesystem of the device: https://wiki.exploitee.rs/index.php/Exploiting_Nest_Thermost...
Does it not use TLS? Wouldn't the Nest have to trust a CA willing to issue certificates without proving ownership?