Evohome local connection

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • Stevedh
    Automated Home Guru
    • Mar 2017
    • 177

    Evohome local connection

    Is there any technical reason this can't be done. I had having to rely on Honeywell's servers, especially as they are going through maintenance and upgrading etc. It would be so nice to be able to stick in the local ip of the touchcontroller and use vpn or port forwarding while out etc...

    anyway just a little rant as I keep finding they are down when I most want to use it..
  • dty
    Automated Home Ninja
    • Aug 2016
    • 489

    #2
    Of course, there's no reason why Honeywell couldn't implement this. But right now, the controller isn't listening on any ports, and even if it was I doubt they'd publish the protocol used to talk to it.

    Comment

    • Stevedh
      Automated Home Guru
      • Mar 2017
      • 177

      #3
      But they wouldn't have to if they added support in the app for it or something.

      Comment

      • dty
        Automated Home Ninja
        • Aug 2016
        • 489

        #4
        In the app? I'm confused now.

        Comment

        • G4RHL
          Automated Home Legend
          • Jan 2015
          • 1580

          #5
          I understood the email telling us about forthcoming maintenance to say we will retain control over our system locally but access on the web would suffer from time to time. Yesterday evening the app would not work, I tried it on two devices with the same result. This morning it works fine. I assume therefore that remote use via the app which connects wirelessly and locally is being affected.

          Comment

          • Stevedh
            Automated Home Guru
            • Mar 2017
            • 177

            #6
            The app does not connect locally (which is one of my complaints), only the little touch controller does. When your sitting in your home with your phone connected to your wifi your app sends your commands to Honeywell's servers, which then translate and send them back to your controller.. I really really wish the app had a local control mode and worked a bit like my phones connection to my tivo..

            Comment

            • paulockenden
              Automated Home Legend
              • Apr 2015
              • 1719

              #7
              As dty said, the controller isn't listening on any ports. It only makes outbound connections. I know the 868MHz side of Evohome is wide open, but the TCP/IP bit is pretty secure. Having ports open to listen for local app connections would blow that wide open.

              Originally posted by Stevedh View Post
              The app does not connect locally ... only the little touch controller does.
              The touch controller IS the system locally. It doesn't make local connections to anything other than via 868MHz (which your phone doesn't speak).
              Last edited by paulockenden; 23 January 2019, 10:08 AM.

              Comment

              • G4RHL
                Automated Home Legend
                • Jan 2015
                • 1580

                #8
                Originally posted by Stevedh View Post
                The app does not connect locally (which is one of my complaints), only the little touch controller does. When your sitting in your home with your phone connected to your wifi your app sends your commands to Honeywell's servers, which then translate and send them back to your controller.. I really really wish the app had a local control mode and worked a bit like my phones connection to my tivo..
                Of course you are right and here was I certain I could control from the app without an internet connection. I can’t, as you say. I think I was confusing this with another app, that for my Hue lights, which I can operate with or without an internet connection to the server. If Philips can do it then so can Honeywell.

                Comment

                • Stevedh
                  Automated Home Guru
                  • Mar 2017
                  • 177

                  #9
                  Originally posted by paulockenden View Post
                  As dty said, the controller isn't listening on any ports. It only makes outbound connections. I know the 868MHz side of Evohome is wide open, but the TCP/IP bit is pretty secure. Having ports open to listen for local app connections would blow that wide open.
                  You can have secure local communications, are you saying it needs to be more secure then my router, nas, ip camera, pc etc..

                  Comment

                  • paulockenden
                    Automated Home Legend
                    • Apr 2015
                    • 1719

                    #10
                    Originally posted by Stevedh View Post
                    You can have secure local communications, are you saying it needs to be more secure then my router, nas, ip camera, pc etc..
                    If someone got onto your local network (perhaps via an insecure IoT device) they'd have access to all of those things. They wouldn't have access to your heating though because, as I said, Evohome doesn't have any open ports. It only makes outbound connections.

                    Comment

                    • G4RHL
                      Automated Home Legend
                      • Jan 2015
                      • 1580

                      #11
                      Originally posted by paulockenden View Post
                      If someone got onto your local network (perhaps via an insecure IoT device) they'd have access to all of those things. They wouldn't have access to your heating though because, as I said, Evohome doesn't have any open ports. It only makes outbound connections.
                      But Honeywell security works differently in that no Internet and it can still be controlled. Looking at the European site which I check now with respect to Honeywell security, as it is so much better than the Evohome one, looking at Honeywell Home and then seeing how old the Evohome app and facilities are and on yet a different site again, I can only assume (perhaps “hope!”) that Honeywell have seen the light and the maintenance being effected over the next month is to produce a better integrated system in one place, one app. If they don’t do it, then the Honeywell systems will be all over the place. Also integration with HomeKit will help. But..... ? Not sure why they do not tell us what lies ahead. It cannot be a big secret. I assume they read these pages.

                      Comment

                      • Stevedh
                        Automated Home Guru
                        • Mar 2017
                        • 177

                        #12
                        Originally posted by paulockenden View Post
                        If someone got onto your local network (perhaps via an insecure IoT device) they'd have access to all of those things. They wouldn't have access to your heating though because, as I said, Evohome doesn't have any open ports. It only makes outbound connections.
                        No they wouldn't. Not unless they know my passwords or can hack the devices https connections, and if they knew my passwords then they could control my heating from anywhere in the world without access to my LAN.

                        Comment

                        • DBMandrake
                          Automated Home Legend
                          • Sep 2014
                          • 2361

                          #13
                          Originally posted by G4RHL View Post
                          Of course you are right and here was I certain I could control from the app without an internet connection. I can’t, as you say. I think I was confusing this with another app, that for my Hue lights, which I can operate with or without an internet connection to the server. If Philips can do it then so can Honeywell.
                          The TP-Link Kasa app for their smart plugs/bulbs is the same - it works from outside the house on 3G via their servers, but when on Wifi on the same network it will communicate directly with the devices, even if the internet connection is down. (As long as Wifi remains up)

                          The downside of this is that all these devices are listening for connections from smartphones on the network and at least in D-Link's case, they are horribly insecure and fairly trivial to take control of by anyone or any device on your local network:



                          And yes, I do own a couple of the smart plugs referred to by the article.

                          Honeywell not even trying to support direct connections to the Evotouch controller avoids this entire category of potential security holes. If there are no ports open listening for connections it makes it almost impervious to attack, at least via Wifi.
                          Last edited by DBMandrake; 24 January 2019, 05:03 PM.

                          Comment

                          • Stevedh
                            Automated Home Guru
                            • Mar 2017
                            • 177

                            #14
                            Interestingly there are a number of people who have posted on here who would prefer a LAN only connection as is less open to external attacks. Just because D-Link were stupid enough not to properly protect their device from from local connections doesn't mean you can't make a local connection secure, If my phone can securely talk to my back I'm sure a secure connection could be made to the controller.

                            Comment

                            • Arrghh!
                              Automated Home Sr Member
                              • Dec 2015
                              • 73

                              #15
                              Originally posted by Stevedh View Post
                              Interestingly there are a number of people who have posted on here who would prefer a LAN only connection as is less open to external attacks. Just because D-Link were stupid enough not to properly protect their device from from local connections doesn't mean you can't make a local connection secure, If my phone can securely talk to my back I'm sure a secure connection could be made to the controller.
                              I totally agree. Why do we have to put up with the unreliable system we have at present? I just want to be able to control heating here and in another remote location over IP/VPN and it can be done securely in the same way I monitor and control several cameras I have installed in both locations.

                              Comment

                              Working...
                              X