Update logitech post

sass/custom/_paulus.scss

@@ -458,7 +458,7 @@ a code {
   color: $primary-color;
 }
 
-twitterwidget {
+twitter-widget {
   margin-left: auto;
   margin-right: auto;
 }

source/_posts/2018-12-17-logitech-harmony-removes-local-api.markdown

@@ -1,6 +1,6 @@
 ---
 layout: post
-title: "Logitech Harmony removes local API"
+title: "[Update: not a mistake] Logitech Harmony removes local API"
 description: "Logitech has disabled the local API of the Harmony Hub with their latest software update. For privacy and speed it is important that home automation devices communicate locally, without data leaving the network."
 date: 2018-12-17 00:01:00
 date_formatted: "December 17, 2018"
@@ -14,8 +14,6 @@ Logitech has disabled the local API of the Harmony Hub with their latest softwar
 
 We hope that this was an oversight on their end and that it will be reverted shortly. We have reached out to Logitech for a clarification and will update this post when available. Until this is resolved, we no longer recommend buying or using Logitech products.
 
-_This is a developing story that we will update as more information becomes available._
-
 **Update 1 (17 dec):** still no response on our inquiries but Twitter user [@FlorianNoack](https://twitter.com/FlorianNoack/status/1074744105002037248?s=09) found an answer from Logitech on [a thread on their forums](https://community.logitech.com/s/question/0D55A00008D1oIoSAJ/firmware-update-blocked-api-access) (visible after clicking a few times on "More answers"):
 
 <p class='img'>
@@ -43,6 +41,18 @@ _This is a developing story that we will update as more information becomes avai
 
 [@chadcb]: https://github.com/chadcb
 
+**Update 5 (19 dec):** Logitech has posted an official response on [their forums](https://community.logitech.com/s/question/0D55A00008D4bZ4SAJ/harmony-hub-firmware-update-fixes-vulnerabilities). They claim that they removed the local XMPP API after a report from a third-party cyber security firm. We have been unable to verify if this is true. The XMPP API has been around since [at least 2013](https://github.com/jterrace/pyharmony) and has been widely adopted within smart homes worldwide. In their forum post they write that they are aware it was being used, yet they did not consider giving any form of heads up, proofing to be an unreliable part of our smart homes.
+
+<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">We have no plans to reenable access to private APIs</p>&mdash; Todd Walker (@ToddW_Logitech) <a href="https://twitter.com/ToddW_Logitech/status/1075225822850560000?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+We will be releasing a hot fix today to migrate our integration to another local API that is being used by their iOS app. Expect it to suffer the same faith at a future point.
+
+<p class='img'>
+  <a href='https://community.logitech.com/s/question/0D55A00008D4bZ4SAJ/harmony-hub-firmware-update-fixes-vulnerabilities'><img src='/images/blog/2018-12-logitech-harmony-removes-local-api/forum-post-3.png' alt='Screenshot of a forum post by a Logitech employee saying that the local API was removed after a report from a third-party cyber security firm.'></a>
+  Thread by member of the Harmony Team.
+</p>
+
 ### {% linkable_title Reverting the software update %}
 
 If you have already updated your Harmony Hub to v4.15.206, you have probably noticed that Home Assistant and other products communicating with the local API have stopped working. Don’t worry, it’s (still?) possible to downgrade to a previous version using the following steps (source: [Reddit 1](https://www.reddit.com/r/homeassistant/comments/a6u6ep/psa_harmony_hub_firmware_v415206_breaksremoves/), [Reddit 2](https://www.reddit.com/r/homeassistant/comments/a6u6ep/psa_harmony_hub_firmware_v415206_breaksremoves/eby89t8/)):

source/_posts/2018-12-19-logitech-stance-on-local-api.markdown

@@ -0,0 +1,39 @@
+---
+layout: post
+title: "Logitech's stance on local APIs"
+description: "Logitech states that it does not intend to make a local API available."
+date: 2018-12-19 00:01:00
+date_formatted: "December 19, 2018"
+author: Paulus Schoutsen
+author_twitter: balloob
+comments: true
+categories: Public-Service-Announcement
+---
+
+Logitech has decided to remove a widely used local API of their Logitech Harmony hub. We've been tracking the story [here][blog-remove-api]. This has caused a lot of commotion among our users, and users of other smart home solutions, that integrated with the Logitech Harmony hub and all of a sudden were surprised with a broken smart home. Not a nice way to start the already busy holiday season!
+
+Since it's 2018, a lot of these discussions are playing out on Twitter. While browsing the discussions, we came across this statement by a senior manager for product marketing for Logitech Smart Home, [Todd Walker]:
+
+<blockquote class="twitter-tweet" data-lang="en"><p lang="en" dir="ltr">Currently, we do not plan to add support for local control.</p>&mdash; Todd Walker (@ToddW_Logitech) <a href="https://twitter.com/ToddW_Logitech/status/1075222154726100993?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+We have a lot of opinions about this, but felt that they were appropriately covered by Twitter user, and contributor to Home Assistant, [Jon Maddox]:
+
+<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">You realize that any kind of device like this…with only cloud control…is an inferior experience right?<br><br>Why would you mandate the latency that round trip cloud requests incur? Please try harder to make the product better, not usurping more control over it.</p>&mdash; Jon Maddox (@maddox) <a href="https://twitter.com/maddox/status/1075275432243666945?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">The Harmony smart assistant skills are limited to 1 hub. Will you guys be resolving that? <br><br>Your official implementations of things we’ve accomplished ourselves, are actually inferior.<br><br>I think people would be less upset if the case was different.</p>&mdash; Jon Maddox (@maddox) <a href="https://twitter.com/maddox/status/1075275973086625792?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">Why should we buy more than one Harmony hub if only one of them works with Alexa? We utilized the local api to create our own supported experience that allows for private, secure, faster, and more than 1 hub.<br><br>That means we BUY more than 1 hub. That’s a really great thing.</p>&mdash; Jon Maddox (@maddox) <a href="https://twitter.com/maddox/status/1075276431985467392?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">And lastly, (to get it all off my chest 😄), locking down a local API and forcing users to a complete cloud solution is not more secure. <br><br>Home networks are trusted zones. Corporate clouds have proven time and time again to be revealed as less than secure.</p>&mdash; Jon Maddox (@maddox) <a href="https://twitter.com/maddox/status/1075276977022689282?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+<blockquote class="twitter-tweet" data-conversation="none" data-lang="en"><p lang="en" dir="ltr">I can be responsible for my own home network. I cannot be sure that yours is. <br><br>Consider embracing these users. Create an authenticated local API. Local control is the only guaranteed private, secure, and RELIABLE way to control the future of devices at home.</p>&mdash; Jon Maddox (@maddox) <a href="https://twitter.com/maddox/status/1075277380267229184?ref_src=twsrc%5Etfw">December 19, 2018</a>
+</blockquote>
+
+[blog-remove-api]: /blog/2018/12/17/logitech-harmony-removes-local-api/
+[Todd Walker]: https://twitter.com/ToddW_Logitech
+[Jon Maddox]: https://twitter.com/maddox