Page 19 of 36 FirstFirst ... 9141516171819202122232429 ... LastLast
Results 181 to 190 of 357

Thread: Evohome app broken

  1. #181
    Automated Home Sr Member
    Join Date
    Dec 2015
    Posts
    73

    Default

    I don't think they planned it at all.

    I think they don't have proper change management and are fire fighting unexpected problems all the time. That's how it appears to me, anyway.

    The email is just something they can point at when people complain.

  2. #182
    Automated Home Lurker
    Join Date
    Jan 2019
    Posts
    1

    Default

    Quote Originally Posted by Arrghh! View Post
    I don't think they planned it at all.

    I think they don't have proper change management and are fire fighting unexpected problems all the time.
    I agree with that! This appears to be "hacking with the live server to make it work" rather than a controlled development process deloying updated software that has been properly tested in a test environment.

    I use the remote setting functionallity extensively and am getting concerned about the long term viability of this system. Has anyone decoded the messages between the controller and the server to see if an alternative can be provided?

  3. #183
    Automated Home Guru
    Join Date
    Dec 2016
    Posts
    134

    Default

    Quote Originally Posted by keylevel View Post
    I agree with that! This appears to be "hacking with the live server to make it work" rather than a controlled development process deloying updated software that has been properly tested in a test environment.

    I use the remote setting functionallity extensively and am getting concerned about the long term viability of this system. Has anyone decoded the messages between the controller and the server to see if an alternative can be provided?
    As I said before: from the limiting of connection attempts (whether successful or not) I conclude that they are trying to fight server overloads from what will most likely be hacking attempts. Probably password guessing mechanisms. Judging by the traffic I see on my home email server it is also very likely that whatever they are doing does not have the effect they are hoping for and is in fact just causing annoyance to legitimate users as they pointlessly keep trying to filter out the unwanted traffic.

  4. #184
    Automated Home Legend paulockenden's Avatar
    Join Date
    Apr 2015
    Location
    South Coast
    Posts
    1,594

    Default

    As someone who spends a lot of time fighting hack attempts I have some sympathy. I have one client whose systems are under constant attack mostly from soviet bloc countries and another whose website and other systems that we host are almost exclusively attacked from Chinese IP addresses.

    Sometimes it's tempting to just block whole countries in the firewall, but that's against the spirit of the Internet so be continue just banning dodgy IP addresses and 'nasty' netclocks.

  5. #185
    Automated Home Lurker
    Join Date
    Oct 2014
    Posts
    2

    Default

    For the last few days I've been getting 'communication with the system has been lost' even though it's reading the parameters OK, so presumably communication has not been lost.

    Hoping it will be back to normal after the updates. Pretty poor service for such an expensive system...

  6. #186
    Automated Home Guru
    Join Date
    Dec 2016
    Posts
    134

    Default

    Quote Originally Posted by paulockenden View Post
    As someone who spends a lot of time fighting hack attempts I have some sympathy. I have one client whose systems are under constant attack mostly from soviet bloc countries and another whose website and other systems that we host are almost exclusively attacked from Chinese IP addresses.

    Sometimes it's tempting to just block whole countries in the firewall, but that's against the spirit of the Internet so be continue just banning dodgy IP addresses and 'nasty' netclocks.
    Yeah well the thing here is the word 'addresses' - it's rarely a single schoolkid playing with his computer connected to a 9600 baud modem like in the movies. I've had days where my logs showed over 10,000 login attempts and they were all unique addresses. Every one of them only hit my server once! I've tried stuff like fail2ban, but that didn't stop anything and only caused the server's boot time to increase to over half an hour from loading all those iptables rules. Switching to xtables recent filter brought back responsiveness to the server, but it still did not stop thousands of futile login attempts to show up in the log.

    So is it the Russians or the Chinese? I don't really think so. There are literally millions, possibly hundreds of millions, compromised computers out there. Not just privately owned desktops, but big mainframe like servers as well. Investigating a php vulnerability that allowed injecting arbitrary code I traced one IP address back to a Dutch hosting company that is apparently hosting practically every **** site in the world. They were not the hacker; their server was running the same script that was attempted to be injected on mine, but because it was such a big server they never noticed the load from it trying to replicate itself, send spam, run password guessing routines, perform DOS attacks and route commands from the actual hacker onto other compromised machines. The reason why you see so many Russian and Chines IP addresses my guess is that there are still a lot of Windows XP machines out there and illegal copies of Vista and 7 that can't receive security updates. I also think that in these countries, like in The States, it's custom to have your desktop computer tied directly to the internet whereas in Europe we usually install so-called smart modems that hide your computer on a private IP range and the only thing a hacker can do is try to lure the user into initializing the connection himself.

    Back to topic:
    According to my logs the Evohome portal does not normally kick me out while my session is still valid. The v2 API does however require that you renew your login after 3600 seconds and this is where the failures show up in the log. The portal refuses both the renewal and the normal login and I'm out. That's not all though. In many cases the information I receive prior to being kicked out myself is old cache, mostly notable if there was a temporary override that should have ended but still shows the until time that is in the past. My guess is that the RFG100 itself may also be blocked while trying to refresh its connection and this is likely where the commands you send appear to work in the app but never reach the actual system. And that incorrect feedback is particularly nasty. I for one would very much like Honeywell to show the zones as being offline when this happens.

  7. #187
    Automated Home Legend paulockenden's Avatar
    Join Date
    Apr 2015
    Location
    South Coast
    Posts
    1,594

    Default

    Quote Originally Posted by gordonb3 View Post
    I've had days where my logs showed over 10,000 login attempts and they were all unique addresses.
    That'll be a botnet. Notoriously hard to deal with.

    Quote Originally Posted by gordonb3 View Post
    The reason why you see so many Russian and Chines IP addresses my guess is that there are still a lot of Windows XP machines out there and illegal copies of Vista and 7 that can't receive security updates.
    More often than not it's machines sitting in cheap hosting facilities. Probably virtual servers. So not desktops or laptops. But yes, those VPSs could be running unpatched copies of Windows in some instances.

    P.

  8. #188
    Automated Home Jr Member
    Join Date
    Jan 2009
    Posts
    11

    Default

    I’ve had a 12 zone Evohome colour (pre “Wi-Fi” head) since 2014 and really never had any problem with it...until the last couple of months.
    Temperature control is now not very stable, and temperature shown on app does not reflect the zone controller for some zones quite a lot of the time. I don’t graph or use API other than standard SmartThings/ Alexa.
    I logged a call last week and they re-sync’d my head, presumably with the gateway- but this doesn’t seem to have helped.

    Just came across this thread and wondering if this is related...I was wonderingly if they’d made a change which worked for the newer Wi-Fi controller with embedded gateway and didn’t work correctly in my older setup...

  9. #189
    Automated Home Sr Member
    Join Date
    Nov 2015
    Posts
    95

    Default

    Count me in too, got a "communication with the system has been lost" error in the app, but controller responds to Alexa just fine.

    I don't think I've ever known a system with quite so many bugs and flaws.

    Had it a couple of years or so now and I'm contemplating writing it off as a failed experiment and looking for something else as this is just pathetically unreliable at the moment.

    A geek can live with it, but when it starts to become a problem for she who must be obeyed, then the tech is on borrowed time.

  10. #190
    Automated Home Sr Member
    Join Date
    Jan 2015
    Posts
    96

    Default

    In think we're all in the same boat Chris. I have the same configuration as you and was operating without any problems (apart from the repeated log-in requests) until recently.

    Worryingly I wasn't able to remote set the security system last night, which is something not encountered before.

    I don't really subscribe to the hacking theory. They're hardly likely to release an email saying effectively that "we're going to be a hacking target from next week and it's going to last for a month".

    Quote Originally Posted by chris_gla View Post
    I’ve had a 12 zone Evohome colour (pre “Wi-Fi” head) since 2014 and really never had any problem with it...until the last couple of months.
    Temperature control is now not very stable, and temperature shown on app does not reflect the zone controller for some zones quite a lot of the time. I don’t graph or use API other than standard SmartThings/ Alexa.
    I logged a call last week and they re-sync’d my head, presumably with the gateway- but this doesn’t seem to have helped.

    Just came across this thread and wondering if this is related...I was wonderingly if they’d made a change which worked for the newer Wi-Fi controller with embedded gateway and didn’t work correctly in my older setup...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •