80 is desirable because it’s the default port of web browsers and means you can just visit the DNS or IP address & not have to remember to tack on some arbitrary port number. Or use some sort of proxy if set up.
And there’s nothing wrong with using port 80 security-wise. Binding a port doesn’t mean you’re opening it on the firewall for the world to see. Plus if you’re opening some port on the firewall, what port you use doesn’t matter - it’ll be scanned by an automated scanner shortly regardless of port.
The downsides of choosing port 80 for your all-important lightbulb dimmer switch telemetry are that:
1. browsers don't even attempt encryption,
2. the port could be open to the world, and
3. lots of people are already running more meaningful shit on port 80.
Seriously, you want to sell me a lightbulb that needs root access and then opens an unencrypted port and then makes outbound calls...? Are you nuts? That's beyond lazy design. It's almost like an intentional insult.
[edit] If you set up a home service on your local network, surely you can also bookmark the obscure port number next to the 128/ address in front of it. The only purpose served by turning your light bulbs into a beacon from hell on port 80 would be letting strangers totally penetrate your house. What happens if you start up a webserver? Do the lights go off?
1. OK, but it's a LAN - who cares. It's either that or you're in self-signed cert hell anyway.
2. If that's the case you have major issues going on which are irrelevant to the port chosen.
3. On a single IP - so what? Every device can open its own port 80 on your LAN without any conflict.
> Seriously, you want to sell me a lightbulb that needs root access and then opens an unencrypted port and then makes outbound calls...? Are you nuts? That's beyond lazy design. It's almost like an intentional insult.
This doesn't make any sense. Are you talking about a single light bulb or actual orchestration software? Both need to communicate to actually do anything.
> [edit] If you set up a home service on your local network, surely you can also bookmark the obscure port number next to the 128/ address in front of it. The only purpose served by turning your light bulbs into a beacon from hell on port 80 would be letting strangers totally penetrate your house.
This also doesn't make any sense. There is no reason a device on your local network listening on port 80 makes it a 'beacon from hell' - because again, listening on LAN & WAN are 2 very different things. And the port it's using has 0 bearing on security.
> What happens if you start up a webserver? Do the lights go off?
Absolutely nothing - because again there is no conflict with different devices on your LAN using the same ports to listen on.
You're mixing up a number of different things here & making issues where there aren't any. A device on your network opening port 80 doesn't magically make it accessible to the world for poking & prodding or result in any conflicts that cause things to stop working.
And when it comes to orchestrators like Home Assistant - you can choose any port you so desire. But changing the port doesn't make it any less or more secure.
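Added example, not part of the thread or written by any of its participants: the thread turns on the difference between the port a service listens on and the address it is bound to. This sketch classifies listeners from `ss -ltn` output by bind address, before any firewall or router forwarding is considered. The sample output is constructed, and the function names (`bind_scope`, `listeners`, `ports_by_scope`) are hypothetical.

```python
import ipaddress

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:80       0.0.0.0:*
LISTEN 0      128    192.168.1.20:80    0.0.0.0:*
LISTEN 0      128    0.0.0.0:8123       0.0.0.0:*
LISTEN 0      128    [::1]:631          [::]:*
LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*
LISTEN 0      128    [::]:80            [::]:*
"""

def bind_scope(host):
    """Classify a bind address by who can reach the socket, ignoring firewalls."""
    host = host.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface scope
    if host == "*":
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:          # 0.0.0.0 or :: accepts on every interface
        return "all-interfaces"
    if addr.is_loopback:             # reachable only from the same machine
        return "loopback-only"
    if addr.is_private or addr.is_link_local:
        return "lan-address"
    return "public-address"

def listeners(ss_output):
    """Return (port, scope) for each LISTEN row of `ss -ltn` output."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                 # skip the header and malformed rows
        host, _, port = fields[3].rpartition(":")
        rows.append((int(port), bind_scope(host)))
    return rows

def ports_by_scope(ss_output):
    """Group listening ports by bind scope."""
    scopes = {}
    for port, scope in listeners(ss_output):
        scopes.setdefault(scope, set()).add(port)
    return scopes
```

In the sample, port 80 lands in three different scopes, so the port number alone says nothing about reachability. Whether an all-interfaces listener is visible from the WAN still depends on the host firewall and the router's forwarding rules.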