The only way to truly keep your data private, is to NOT transmit it out of your domain (in this case, the home network). Even there, the wireless transmission is suspect.
I would like to be able to implement my own security and monitoring system because I don't believe the cable companies and ADT and their ilk really do much in the way of a service for me (certainly not worth paying for, and nothing I can't do for myself).
Openness will help improve the robustness of the security, but won't eliminate threats and possibilities for hackers from intercepting our data, or even circumventing our security and/or control of our devices.
It would seem that a centralized services solution offers the most opportunity for flexibility, and yet is the very means by which, if there ever is a security breach of our SmartThings born data or device control, will be how it happens (everybody's data and control is forced through one pipe - a beautifully deterministic way to provide hackers with an easy, and immutable location to target).
A home-based network, and control model (instead of distributed), provides a user to maintain better controlled security in the face of most natural and internet or cell network disasters (an UPS and/or generator keeps everything running, including door locks, window sensors, ...)
Because this system can be used to secure and control physical property, and human well being, don't you really HAVE to give the implementer the option to control it however they like as long as it doesn't put others at risk? i.e. if you can't assure with all physically possibility that a hacker won't somehow be able to find a way to send a transmission to my SmartThings hub to open my front door, how about you let me find a way to do my best to do that if I choose to use these devices as my means of securing my family and belongings?
I mean, it's an "open" system anyway, right?
A home-based server also takes away an important part of the SmartThings value proposition, so I wouldn't think it is an either-or issue. If security and resiliency (fault-tolerance) are important to users, shouldn't we really be able to have both issues addressed to our satisfaction?
For a security system, if you don't feel completely comfortable with the veracity of the system, don't you really take away one of its main purposes (peace of mind)?
I appreciate other users' perspectives on this issue, such as GatorEye, and I agree with issues brought to light here. If there is no SmartThings-provided solution for a locally-hosted monitoring and control system for the SmartThings network, then all we need is the ability to implement our own system taking advantage of the hardware and firmware installed.
I can imagine with all the money SmartThings has been blessed with from backers and other funds, and that this issue is so important to everybody, that significant effort is being applied to these issues, however, let's not be naive - this system will NOT be comprehensively secure if connected to the internet. That's just the way it is, at least as long as humans are involved. As sold, it can be very difficult for hackers to circumvent the system, but as things exist today and for the foreseeable future, not impossible. That is, of course, not to imply that the solution we will receive is necessarily any less secure than any other - I'm sure the team has spent our money very well.
We just want to be in control of our destiny when so much is at stake.
The option of a self-directed and controlled system is a natural extension of an "OPEN" system such as this one, and IMHO, the only way to take away the option from hackers to be able to reach into my system from the internet (unless of course, it is turned off).
I am sometimes a little bit black-and-white about such issues, but I would really like to hear other's opinions about this too.
BTW - having a home-based software server for the SmartThings network provides other benefits as well, including, but not limited to integrating the system into other home automation software systems without having to make use of the SmartThings user interfaces or centralized servers.