Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Evohome local connection

  1. #11
    Automated Home Legend
    Join Date
    Jan 2015
    Location
    NE UK
    Posts
    1,007

    Default

    Quote Originally Posted by paulockenden View Post
    If someone got onto your local network (perhaps via an insecure IoT device) they'd have access to all of those things. They wouldn't have access to your heating though because, as I said, Evohome doesn't have any open ports. It only makes outbound connections.
    But Honeywell security works differently in that no Internet and it can still be controlled. Looking at the European site which I check now with respect to Honeywell security, as it is so much better than the Evohome one, looking at Honeywell Home and then seeing how old the Evohome app and facilities are and on yet a different site again, I can only assume (perhaps “hope!”) that Honeywell have seen the light and the maintenance being effected over the next month is to produce a better integrated system in one place, one app. If they don’t do it, then the Honeywell systems will be all over the place. Also integration with HomeKit will help. But..... ? Not sure why they do not tell us what lies ahead. It cannot be a big secret. I assume they read these pages.

  2. #12
    Automated Home Sr Member
    Join Date
    Mar 2017
    Posts
    80

    Default

    Quote Originally Posted by paulockenden View Post
    If someone got onto your local network (perhaps via an insecure IoT device) they'd have access to all of those things. They wouldn't have access to your heating though because, as I said, Evohome doesn't have any open ports. It only makes outbound connections.
    No they wouldn't. Not unless they know my passwords or can hack the devices https connections, and if they knew my passwords then they could control my heating from anywhere in the world without access to my LAN.

  3. #13
    Automated Home Legend
    Join Date
    Sep 2014
    Location
    Scotland
    Posts
    1,795

    Default

    Quote Originally Posted by G4RHL View Post
    Of course you are right and here was I certain I could control from the app without an internet connection. I can’t, as you say. I think I was confusing this with another app, that for my Hue lights, which I can operate with or without an internet connection to the server. If Philips can do it then so can Honeywell.
    The TP-Link Kasa app for their smart plugs/bulbs is the same - it works from outside the house on 3G via their servers, but when on Wifi on the same network it will communicate directly with the devices, even if the internet connection is down. (As long as Wifi remains up)

    The downside of this is that all these devices are listening for connections from smartphones on the network and at least in D-Link's case, they are horribly insecure and fairly trivial to take control of by anyone or any device on your local network:

    https://www.softscheck.com/en/revers...tp-link-hs110/

    And yes, I do own a couple of the smart plugs referred to by the article.

    Honeywell not even trying to support direct connections to the Evotouch controller avoids this entire category of potential security holes. If there are no ports open listening for connections it makes it almost impervious to attack, at least via Wifi.
    Last edited by DBMandrake; 24th January 2019 at 04:03 PM.

  4. #14
    Automated Home Sr Member
    Join Date
    Mar 2017
    Posts
    80

    Default

    Interestingly there are a number of people who have posted on here who would prefer a LAN only connection as is less open to external attacks. Just because D-Link were stupid enough not to properly protect their device from from local connections doesn't mean you can't make a local connection secure, If my phone can securely talk to my back I'm sure a secure connection could be made to the controller.

  5. #15
    Automated Home Sr Member
    Join Date
    Dec 2015
    Posts
    73

    Default

    Quote Originally Posted by Stevedh View Post
    Interestingly there are a number of people who have posted on here who would prefer a LAN only connection as is less open to external attacks. Just because D-Link were stupid enough not to properly protect their device from from local connections doesn't mean you can't make a local connection secure, If my phone can securely talk to my back I'm sure a secure connection could be made to the controller.
    I totally agree. Why do we have to put up with the unreliable system we have at present? I just want to be able to control heating here and in another remote location over IP/VPN and it can be done securely in the same way I monitor and control several cameras I have installed in both locations.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •