Hello all,
This is my first day with Domoticz, starting small with a Raspberry Pi, a Aeotec ZW090 Z-Stick Gen5, and a Hauppauge mySmarthome 4-in-1 https://discord.software/ fetlife vshare
which reports itself as "Philio Technology Corporation PST02-A 4 in 1 Multi-Sensor" in Demoticz.
I set up a random Security Network Key and connected the device using "Include Node Secure". The sensors showed up, but I was unable to effect any configuration changes, which made the temp sensor mostly unusable (the default is to report temp every 6 hours and I could not change it). Resetting the sensor and connecting it using "Include Node" worked, I was able to get lux and temperature updates every 15 minutes.
My question is - just how insecure is "Include Node" vs "Include Node Secure"? Can a "non-secure" connection be disabled externally or hijacked? I tried googling and searching this forum for an answer, and I could not find a definitive comparison of the two modes in terms of the actual security they provide.
Best regards,
"Include node secure" vs "include node"!!!
Moderator: leecollings
-
jaisomnmick
- Posts: 2
- Joined: Friday 24 January 2020 16:29
- Target OS: Linux
- Domoticz version:
- Contact:
-
rrozema
- Posts: 470
- Joined: Thursday 26 October 2017 13:37
- Target OS: Raspberry Pi / ODroid
- Domoticz version: beta
- Location: Delft
- Contact:
Re: "Include node secure" vs "include node"!!!
The difference between secure and non-secure inclusion is that for securely included devices -for devices that support it- most of the data sent over the air is going to be encrypted. For devices that don't support encrypted communication, communcation automatically falls back to non-secure inclusion.
Z-wave communication is broadcasted over radio frequencies, so someone could be standing outside your house and listen in on the radio frequencies used and receive your commands and even send commands to your devices. However the range of z-wave devices is not very far, so they need to be standing close to your home. Maybe your neighbours can do it, but not the one next to that. And -unless you have some sort of z-wave-to-ip-bridge- no one is going to be able to connect to your devices over the internet, not even the insecurely included ones.
Compared to other RF (radio frequency) controlled devices z-wave has the advantage that every transmitted z-wave message has a "house code" included in it, even for non-securely included devices. The house code is unique to every controller, so this makes that 2 z-wave networks won't respond to nor "see'" each other's devices, even if they are in range. Most other RF controlled networks lack this house code or only have a very rudimentary one, making that a neighbour can easily see and even control devices.
Z-wave communication is broadcasted over radio frequencies, so someone could be standing outside your house and listen in on the radio frequencies used and receive your commands and even send commands to your devices. However the range of z-wave devices is not very far, so they need to be standing close to your home. Maybe your neighbours can do it, but not the one next to that. And -unless you have some sort of z-wave-to-ip-bridge- no one is going to be able to connect to your devices over the internet, not even the insecurely included ones.
Compared to other RF (radio frequency) controlled devices z-wave has the advantage that every transmitted z-wave message has a "house code" included in it, even for non-securely included devices. The house code is unique to every controller, so this makes that 2 z-wave networks won't respond to nor "see'" each other's devices, even if they are in range. Most other RF controlled networks lack this house code or only have a very rudimentary one, making that a neighbour can easily see and even control devices.
Who is online
Users browsing this forum: No registered users and 1 guest