FAQ: Sharptools , actiontiles or native ST app for your wall panel? (2020)

Yea, the angel on my shoulder says you know InfoSec, why are you downloading from a site like that and entering in your google credentials? The talking thing on my other shoulder is saying look how much money you’ll save using Kindle fires! Decisions or risk/reward, I know…

APKMirror does not need your google credentials.

I’m in a similar boat, wanting to check out ActionTiles and SharpTools, i understand how they work visually on the front end. But what about the back end?

Does all requests go through their servers, so for example just to turn a light on does the request go from

My device >> ActionTiles/SharpTools >> SmartThings >> Light bulb providers server…

Then back again for the state to update the light is on?

What about security do ActionTiles/SharpTools have access to my smart home stuff in SmartThings and can view my Ring cameras for example?

correct. But what you download from them does, right? Is there a hash you can compare from Google?

Wrong. It doesn’t.

There are hashes listed on APKMirror. But I understand you might want to get it from somewhere else. You’d have to look around for it. I’m guessing the hash availability depends on the app.

I have no idea what a hash is. You install the APK, then it shows up as an app within your google play store. I t will auto update, etc., just as if you installed it from Play

A hash is a way to make sure a file is legit from whomever compiled it. For example, if someone took the Google play store loader, added a tracker or call home to it, and repackaged it and called it Google_play_store.apk, who would know?

Many people use that apk site, so maybe not a concern. I do see patches come through at work all the time on legit items (windows, etc) where I wonder if these apk files would get vulnerability updates.

I’m beating my own dead horse on this one. I just need to do it with the Kindles, or buy some other branded used tablets.

Not a complete waste. I learned what a hash is.

1 Like

So i’m guessing nobody knows, or the lack of response means yes ActionTiles/SharpTools have full access to all your smart home equipment and camera feeds just to use their visual theme.

Is it just me or does this seem like a terrible trade off?

I can’t speak for ActionTiles, but yes for Sharptools. The camera feeds depend upon the system you’re using, but if Smarthings can see it, so can Sharptools.

There is no trade-off. It’s just an additional tool that you can use for control. You still have full functionality of the underlying Smartthings app.

Thanks, yes i found the ActionTiles privacy policy and it seems they collect all your data like Name, Phone, Location data, all your smart home products, usage data, view your camera feeds etc.

For SharpTools i couldnt find much of a privacy policy, just a link to Zoho’s which is an Indian CRM i guess they use.

Yeah i cant see too many people using these solutions, to me it’s like giving someone access to your whole PC just for a pretty screensaver. Does SmartThings have a local theme that just runs on your phone to visually enhance the look and layout of the SmartThings app?

Yikes! Guess I should read that privacy policy a little more carefully.

1 Like

It works the same way Google Home, Alexa, IFTTT, or any other external integration works. The integrations use an industry standard called OAuth to allow you to authorize what you want each platform to have access to. You can choose to authorize only specific devices and the integration is issued a token which has access to only those devices. At any point in time, you can choose to revoke that authorization.

Media Tiles stream directly between your browser and the camera. (eg. Camera streams do not go through SharpTools or ActionTiles at all). A common approach is to use a URL to an MJPEG stream or image snapshot from an IP camera on your LAN. The stream is going straight from your camera to your browser.

Side note, the SmartThings integration does not expose the camera stream for Ring even if you authorize that device in a third party service.

The SharpTools Privacy Policy is linked directly below the login. Here’s a direct link:

https://cdn.sharptools.io/policies/privacy.html

We take security and privacy very seriously. As a service provider for the smart home industry, we are a custodian of access to the devices you authorize and we take that responsibility very seriously.

8 Likes

Ok fantastic, thanks for taking the time to clarify this and it’s good to know the camera streams aren’t visible. In the privacy policy it mentions:

"If you use our Apps, we may also collect the following information:

We may request access or permission to certain features from your mobile device, including your mobile device’s Bluetooth, calendar, camera, contacts, microphone, reminders, sensors, SMS messages, social media accounts, storage, and other features. If you wish to change our access or permissions, you may do so in your device’s settings. We may automatically collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address"

This is still a huge amount of data for just a visual theme, it’s essentially everything. Also i didnt find your privacy policy before because you have to click login to go to the page to find the link. Since i haven’t purchased yet i didnt try to login.

I’m only new to SmartThings, so i wasnt sure if this amount of data disclosure is normal for a SmartThings addon.

1 Like

Keep in mind that ‘Apps’ is referring to our mobile app (the dashboards / Rule Engine are referred to as ‘Site’ within the policy). For reference, the SharpTools for Android app is a standalone app specifically focused on providing Plugins for Tasker and Widgets. As of today, the only permission we request is ‘Storage’ and it is only requested if you enable logging (as we need somewhere to write the logs to!)

Note that we may use more of these features in the future. That being said, we use the latest mobile development features which allow you to opt-in to these permissions rather than requiring them carte-blanche.

1 Like

is this what you use?

Thanks

Yep, works every time. Amazon will occasionally push an OTA update, and the bloatware will get added back, so I just pop the tablet off the wall, plug it back in to the computer, remove it all again, and it’s good to go.

1 Like

Is the fire tablet suitable for being powered on 24/7? Anyone gotten burn-in etc?

I have had 2 fire tablets and 1 Samsung tablet on constant charge for over 2 years with no issues.

4 Likes

Hey everyone, thanks for the deep and clear info of existed dashboards. Both are great, so far. I just want to bring you one another option which is called ThingsTwin Dashboard for SmartThings.

It’s quite different with existing ones, which is based on 3D space, it reflects your unique house in the dashboard, with visual effect like lighting brigher and darker based on light’s status. So basically, we call it a twin of your home, because all you see and control on the dashboard, will reflect to your real home in correct place, you don’t have to scroll on a long 2D panel or checking name of device to find where devices are.

It’s new, some features which are supported on above dashboards are under development, but we are working hard to bring it to life this September!

More information can be found at this thread: [ALPHA] ThingsTwin 3D App: Brand New Way to Play with Your Home - View and Control from 3D Floor Plan. Or our ThingsTwin HomePage page. Thanks!

ThingsTwinGif

3 Likes