Give Me Hard Mode

You never know what you are going to find in a comment section. Most days, the answer is nothing useful. Every once in a while you stumble into a thread that sends you down a different path entirely.

This week's example: Digital Camera World ran a piece about GoPro filing an updated 8-K with the SEC, warning of substantial doubt about the company's ability to continue as a going concern. The numbers are not pretty. A $93.5 million net loss in 2025. A $432.3 million loss in 2024. A 23 per cent workforce cut already on the books. Memory costs up between 80 and 110 per cent thanks to the AI-driven hardware crunch. The company is openly looking at a sale.

Naturally, the comments on Reddit turned into a wake. One in particular stopped me:

The company, which revolutionised an industry, was ubiquitous with sports action camera terms akin to Google for search, somehow managed to shitify their entire product lineup by prioritising shareholders over customers. Hyper smart and skilled engineering team destroyed by suits.

I do not actually want to write about GoPro. I want to write about the thing that sentence pointed me back to, which is a conversation I had with a friend a few weeks ago, who had just spent a weekend "de-Googling" his Nest devices to keep them working, and the broader pattern that comment section was railing against. The story everyone is mad about, whether they realize it or not, is the same one.

The smart home is on its way to becoming a Ponzi scheme

Ring is one of these companies. Nest is another. So is, depending on the model, half of every smart-thing aisle at Best Buy. The pattern is consistent. Sell a piece of hardware at a thin margin. Tether it to a cloud service that you charge a monthly fee for. Slowly move the features that used to live on the device into the subscription. Discover, eventually, that the engineering team you used to have is now "right-sized" and that the suits are running the roadmap.

I solved this personally, on the camera side, by moving everything to Reolink with a local NVR hidden in the house. The video is on my own disks. The mobile access works fine, even if "fine" requires me to be on my own VPN to use it, which is not exactly the user experience my wife is going to embrace. But I own the footage and I do not pay anyone a recurring fee to look at it. It is a real fix for me and not a real fix for most people.

The trickier case is the small, cheap stuff. I have a smart lock from TTLock which works great, has a basic app, and charges me precisely nothing per month. As a customer this is wonderful. As a technologist it makes me nervous. Because somebody is running the backend that delivers the push notification to my phone when my front door opens. Somebody is paying for the certificate, the API gateway, the database, the staff who keep it all up. That somebody is, eventually, the next batch of customers buying the next batch of locks.

For now, that is a working business model. In the long run, it has Ponzi-shaped problems. New buyers fund the operating costs of the existing fleet. When new buyer growth slows, revenue dries up, costs do not, and at some point the cheapest thing for the vendor to do is turn off the cloud. The smart lock loses its smarts. The cameras stop recording. The thermostat goes back to being a wall ornament. A truly impressive volume of e-waste, generated all at once, because the spreadsheet stopped working in some boardroom we never saw.

Easy mode, hard mode

The fix is not government regulation. It rarely is, and the regulatory cycle is dramatically slower than the product cycle anyway. The fix has to come from the demand side, which is to say from us.

What I think we should be asking for, as customers, is a real choice on every IoT device we buy. Call it Easy Mode and Hard Mode.

Easy Mode is what you get today. The cloud. The app. The push notifications. The dashboard that pulls up on your phone from anywhere in the world. The setup wizard that took your grandmother seven minutes. You pay a small fee and you do not have to think about it. Most users will pick this, and that is fine. The economics make sense for both sides if the fee is honest and proportionate to actual backend costs.

Hard Mode is the other path, and right now it barely exists. Hard Mode means the device fully supports local control. The protocol is documented. The local API is open. The thing keeps working without ever talking to the vendor's cloud, forever. If you want to roll your own dashboard, integrate it into Home Assistant, build a Model Context Protocol server so you can talk to your office light in plain English (more on that in a moment), you can. You do not need to reverse-engineer the firmware. You do not need to extract local keys via a developer portal nobody told you about. You do not need to wait for the OpenBeken community to ship a reflash for your specific chip. The hard mode hooks are there because the vendor put them there as a feature.

Most people will never use Hard Mode. The vast majority will quite happily stay in Easy Mode and never even look at the local-control toggle. That is fine. The point of Hard Mode is not that everyone uses it. The point is that it exists, so that when the vendor's cloud eventually goes away, the device does not go with it. The hardware survives the company. The customer keeps the thing they bought.

I have lived in Hard Mode and it is, currently, too hard

I went through this dance myself a couple of months ago. I picked up a Tuya-based smart light from Costco, and over a long weekend I tore it apart, talked to it locally over its Tuya protocol, and wrote a small MCP server so I can change its colour by talking to Claude in plain English. Today I can say "set the office to a warm dim glow" and the light obeys, with no traffic ever leaving my LAN.

That project was satisfying in the way only weekend hacks can be, and I am genuinely happy with the result. But let us be honest about the path. I had to run nmap against my own light bulb to figure out it was a Tuya device. I had to register an account on a Chinese developer platform to extract a "local key" that the manufacturer never tells you exists. I had to know about tinytuya. I had to debug the wrong protocol version on the first try. None of that is in scope for a normal person. The hard mode I am asking for is not "any sufficiently determined engineer can eventually get there." The hard mode I am asking for is documented, supported, and one toggle away in the setup wizard.

That is the standard we should be holding new IoT hardware to. Show me the local control path before I buy it.

Why the vendors will fight this

I get it. I really do. Every hardware company on the planet has spent the last fifteen years trying to convince themselves they are actually a software company. The reason is straightforward. If you sell a $99 widget and never see another dime from that customer, your margin is whatever you cleared at point of sale. Call it ten to fifteen dollars. If you sell the same widget and tie it to a $5-a-month subscription for the life of the product, your margin per customer goes from ten dollars at point of sale to ten dollars plus a couple hundred over the next several years. Every CEO and CFO on the planet looks at that math and sees only one answer.

The problem with that math is that it assumes you keep the customer happy enough to keep paying for as long as you need them to. It assumes the subscription stays meaningful, the cloud features keep delivering value, and the customer does not eventually wake up and realize that they bought a piece of hardware and are still renting most of its capabilities. The GoPro's article comment section on Reddit is what it looks like when that assumption finally breaks. Suits chase the SaaS line on the spreadsheet. Engineers leave. Product quality slides. Customers notice. New buyer growth slows. And then the cycle I described above kicks in and the fleet is at risk.

Hard Mode is the relief valve for that whole cycle. It gives the customer something to keep even if the company does not. It limits the damage when the vendor inevitably decides the cloud is no longer worth running.

The standards problem is real and I do not have a clean answer

I will close on the honest hard part, because I think I would be lying if I pretended I did. Even if every IoT vendor on earth woke up tomorrow and decided to ship a Hard Mode, the local-control story is fragmented in a way that makes the user experience genuinely difficult.

Devices speak Wi-Fi, Zigbee, Z-Wave, Thread, LoRa, and BLE, sometimes more than one at a time. On top of those wire-level protocols you have the application layer. Matter is the most credible attempt to unify the application layer, but it does not cover every device class and its rollout has been bumpier than promised. Apple's HomeKit is the cleanest end-user experience by a wide margin, but adopting it means buying into the Apple ecosystem at every level, which is just trading one cloud lock-in for a slightly nicer cloud lock-in. Home Assistant is the most powerful local hub on the market, and it is also a project that asks a non-trivial amount of YAML literacy from the people running it.

There is no clean unifying answer here yet. Matter plus Thread might get us most of the way there over the next three or four years if the major players commit. They might also keep dragging their feet because each of them would prefer to be the unifying ecosystem itself.

The bottom line

The bottom line is this. The smart home is on a trajectory that will, sooner than people realize, leave a lot of expensive hardware sitting dead in people's walls when the vendors decide the cloud is not worth running anymore. The fix is not to ban the cloud or regulate the subscriptions. The fix is to start refusing to buy devices that cannot survive their manufacturer. To treat a documented local-control path as a feature you check the box on before you check out.

Give us Easy Mode for the people who want it. And give the rest of us Hard Mode, properly supported, so that when the inevitable comment section eulogy gets written for the next vendor, the customers are not also burying the things they paid for.