The existence of this is fascinating and horrifying at the same time.
I wonder how he tests it though; when writing tons of YAML for K8s or Ansible, you usually test it in a test environment before putting it in production. Unlike the other cases though, a bug in your YAML here can literally lead people to lose their lives.
The actual horrifying part is that this is more of a coping tool than a warning system, as its utility as the latter is limited even in Kyiv. If you are not at the point of accepting your fate, but have already given up on attempting to get to actual shelter, you can set this up and only hide from glass shrapnel for an hour when the cruise missiles and killer drones arrive instead of hiding for hours while they fly all over the country through the gaps of air defense.
For anywhere closer to the frontline than Kyiv this is almost completely useless. Travel time of even non-hypersonic ballistics, hell, even of glide bombs is so short you'd be listening to your alarm and the sound of explosions almost simultaneously.
To see some statistics about the number and duration of air alerts in all regions of Ukraine, including number of media-reported explosions by region and time period, check out https://alerts.in.ua/en, they have a statistical summary section there. Click the hourglass button on bottom of the screen, then filter by time period.
The real question is why there isn't any official API that details the nature of the danger. You shouldn't have to scrape Telegram to figure out the type/speed of the air assault weapon, and the likely time on target.
BTW, also check out Kropyva, it's like Uber for artillery strikes. Very helpful with deleting Russians.
Let's not exaggerate. There are APIs that distribute the list of oblasts (regions) that are deemed to be under attack (for example https://alerts.com.ua/). The only problem is that you don't know if the attack is expected in 10 minutes, or 6 hours, and this is something that the military intelligence has, and could share with a small amount of effort. They effectively already share it via people running those channels.
Also, nothing stops you from redistributing the structured messages through multiple channels.
Journalists who are updating these channels have their own sources in the Ukrainian air defense network as well as OSINTers who, for example, monitor Russian radio traffic using SDR, or even sometimes have people on the ground observing the take-off of planes in Russia and Belarus (horrifically dangerous, but there are ways to send this information somewhat safely; planes tend to be loud). If one of the journalists goes down for any reason, there will be other people writing updates. Each oblast also has their own channels where they announce attacks, some of them owned by the local administration, some by the emergency services. The air defenders themselves are a bit too busy to monitor and write this stuff; often, the best they can do is to write some short messages into a group chat or a Telegram bot before things go down, and even then, all parties involved have to balance providing an appropriate warning window with not letting the timing of this information to reveal the capabilities and locations of different kinds of Ukrainian observation stations. And this whole system has to be simple, since not every trained air defender is tech-savvy in general. Many don't know what an API even is. Many Ukrainians, too, wouldn't understand how to work with an API, but they can read the warnings in Telegram.
Also don't forget that the journalists who curate monitoring channels often also accept reports about the flight paths of missiles and drones from the general public, and while there are a couple of apps for that as well that send data from the phone's GPS and compass while the user is pointing the phone at the object, again, it's a matter of having several information channels that non-technical people can easily use. Even just writing to one of them that you just heard a cruise missile fly by, specifying your rough location, can be helpful, since radar coverage is not 100%. These messages then get relayed back to the people in the Ukrainian AA who are trying to intercept these things in real time.
Then there are the obvious security concerns, personal communications and group chat access can be vetted and it's hard to break the anonymity of Telegram channels from the outside to even be able to target the authors' devices with cyberattacks. While an API must be open to the world, and thus it immediately becomes a target.
It's a messy system but it works.
Kropyva is not available to the general public and it's very far from the capabilities of similar NATO systems, its strength lies in the fact that it's an Android app that can be used on cheap tablets, so it doesn't rely on the military-industrial complex provided hardware, which is safer and more robust, but far more expensive.
I'm not sure what your implication is exactly regarding the HA community, but that aside;
I work in an industry that puts huge emphasis on the risks of software supply chain attacks; regardless of the community, in an ideal world, and in this situation, I too would be making sure any such code was very carefully reviewed by a trusted group of peers (including myself) and using signatures et al to ensure everyone is "getting what they paid for", so to speak.
This might not be relied on to the extent people's lives depend on it, but if it's important enough to use, it's important enough to be sure.
All of that said, it's easy enough for me to say when there isn't such a terrifying list of munitions raining down on my home when I'm trying to get some rest, so a simple step such as "not updating from a known-good configuration" might be enough.
I didn't think I'd ever read a programming tutorial on string matching Tu-95 take-offs and Kalibr launches in anything but a fictional setting, holy shit it feels so surreal. Like a modding guide for Cold Waters or something.
Fascinating use of HomeAssistant. He mentioned uptime monitor in the next section - I wonder what he uses to ensure it stays online? I would guess some sort of UPS or battery backup.
Most of us have something in place since the winter of 2022 when the power outages were systematic due to russian strikes on civilians and infrastructure, amplified by lack of air defence. Most of us needed to work though so some got UPS, EcoFlows, generators, solar systems, even DIY batteries if the budget is low. This year it's more of the same.
What DIY batteries? Have you considered the new sodium/aluminum battery type? I am wondering if that battery could be easy to DIY because sodium and aluminum are cheap and available.
Using technology to improve lives is one thing, but using technology to survive missile attacks is just another level. Sometime I ask myself, will humans ever stop wars once and forever.
I don't think that would be stable. No war means losing the ability to fight which means eventually it'll be easy enough for just one small group to attack somebody much bigger but weaker.
If war is solved by all attacked countries surrendering immediately so one aggressor rules the world, I'm sure factions would emerge within it who are competing for power again.
Maybe a solution could come from some defensive technology permanently outperforming offensive technology? I think people would still find a way and the wars might be or begin by psychologically changing people's allegiances.
Seems to be just a few bad eggs that fuck it up for the rest of us. Everyone I know just wants to get along with their lives, deal with their own problems.
This is an overly broad and philosophical question. It's positioned far away. We could all get together for a cup of coffee and discuss this topic for ages.
A more grounded and practical question would be: why didn't Biden stop the war?
Now we're talking! One should expect lots of contradictory opinions, quite some hostility, a couple of MTG-like personalities with followers and of course this one specific comment downvoted to hell.
But see, that's exactly the point: opinions vastly differ on the same subject depending on whether the situation is a hypothetical one far away or a physical reality.
Readit News
I wonder how he tests it though; when writing tons of YAML for K8s or Ansible, you usually test it in a test environment before putting it in production. Unlike the other cases though, a bug in your YAML here can literally lead people to lose their lives.
For anywhere closer to the frontline than Kyiv this is almost completely useless. Travel time of even non-hypersonic ballistics, hell, even of glide bombs is so short you'd be listening to your alarm and the sound of explosions almost simultaneously.
BTW, also check out Kropyva, it's like Uber for artillery strikes. Very helpful with deleting Russians.
They're distributing the attack surface by using other services.
Also, nothing stops you from redistributing the structured messages through multiple channels.
Journalists who are updating these channels have their own sources in the Ukrainian air defense network as well as OSINTers who, for example, monitor Russian radio traffic using SDR, or even sometimes have people on the ground observing the take-off of planes in Russia and Belarus (horrifically dangerous, but there are ways to send this information somewhat safely; planes tend to be loud). If one of the journalists goes down for any reason, there will be other people writing updates. Each oblast also has their own channels where they announce attacks, some of them owned by the local administration, some by the emergency services. The air defenders themselves are a bit too busy to monitor and write this stuff; often, the best they can do is to write some short messages into a group chat or a Telegram bot before things go down, and even then, all parties involved have to balance providing an appropriate warning window with not letting the timing of this information to reveal the capabilities and locations of different kinds of Ukrainian observation stations. And this whole system has to be simple, since not every trained air defender is tech-savvy in general. Many don't know what an API even is. Many Ukrainians, too, wouldn't understand how to work with an API, but they can read the warnings in Telegram.
Also don't forget that the journalists who curate monitoring channels often also accept reports about the flight paths of missiles and drones from the general public, and while there are a couple of apps for that as well that send data from the phone's GPS and compass while the user is pointing the phone at the object, again, it's a matter of having several information channels that non-technical people can easily use. Even just writing to one of them that you just heard a cruise missile fly by, specifying your rough location, can be helpful, since radar coverage is not 100%. These messages then get relayed back to the people in the Ukrainian AA who are trying to intercept these things in real time.
Then there are the obvious security concerns, personal communications and group chat access can be vetted and it's hard to break the anonymity of Telegram channels from the outside to even be able to target the authors' devices with cyberattacks. While an API must be open to the world, and thus it immediately becomes a target.
It's a messy system but it works.
Kropyva is not available to the general public and it's very far from the capabilities of similar NATO systems, its strength lies in the fact that it's an Android app that can be used on cheap tablets, so it doesn't rely on the military-industrial complex provided hardware, which is safer and more robust, but far more expensive.
...
I don't know anything about the HA community, but I would be very wary of any new commits impacting this plugin...
I work in an industry that puts huge emphasis on the risks of software supply chain attacks; regardless of the community, in an ideal world, and in this situation, I too would be making sure any such code was very carefully reviewed by a trusted group of peers (including myself) and using signatures et al to ensure everyone is "getting what they paid for", so to speak.
This might not be relied on to the extent people's lives depend on it, but if it's important enough to use, it's important enough to be sure.
All of that said, it's easy enough for me to say when there isn't such a terrifying list of munitions raining down on my home when I'm trying to get some rest, so a simple step such as "not updating from a known-good configuration" might be enough.
Dead Comment
If war is solved by all attacked countries surrendering immediately so one aggressor rules the world, I'm sure factions would emerge within it who are competing for power again.
Maybe a solution could come from some defensive technology permanently outperforming offensive technology? I think people would still find a way and the wars might be or begin by psychologically changing people's allegiances.
Enjoy your freedoms: paid for in blood.
Enjoy your freedoms: paid for in blood.
This is an overly broad and philosophical question. It's positioned far away. We could all get together for a cup of coffee and discuss this topic for ages.
A more grounded and practical question would be: why didn't Biden stop the war?
Now we're talking! One should expect lots of contradictory opinions, quite some hostility, a couple of MTG-like personalities with followers and of course this one specific comment downvoted to hell.
But see, that's exactly the point: opinions vastly differ on the same subject depending on whether the situation is a hypothetical one far away or a physical reality.
I bet Russia state actors would pay a lot to controls or infiltrate those channels.