As the number of multi hub users grows

...it would be great to download an update once, and then "locally" update other hubs.

I think I understand at least a couple of reasons not to allow, but living on a cellular hotspot, it sure would be nice.

4 Likes

Maybe make it as something that could be shared over meshed hubs, with one being the "lead" for software?

I know of printer/MFPs that can do this type of thing (software updates, clone files, other stuff) but it would be interesting in a multi-hub setup. I know I am probably an outlier with my 4 (2 C-5s and 2 C-7s) but it would be a benefit from a simplicity and consistency standing.

1 Like

I could understand needing to communicate back to base to confirm that registration status of the hub, but agree it would be nice for those on slow connections if the actual download of the software could be done once and the rego check the only online part.

Also like @snell 's idea of using the mesh as a method of delivery.

There are several factors that the HE staff would have to overcome to make this happen, the chief one being security. At the moment there is no external entry point to force a code update onto a hub, and thus no way for a third party to inject code into the hub. To allow this feature that restriction would have to be modified, and they would also need to allow for an update file to be physically present outside of the HE ecosystem - both of these induce risks that are not present today.

So while I appreciate the convenience that this approach would bring, putting on my CISO hat makes me ask is the added risk something I want to deal with? My answer, not really.

6 Likes

Why would it require code injection? The "secondary" hub(s) would be specifically polling for the data from the "primary" hub so it would be requesting it from an already "known trusted" device. At the most basic this feature would not require even installing the update.

It could be a case (like the other products I am aware of) where the update is effectively stored locally and when the admin wants they can then have it applied. They have the option of allowing them automatically or requiring confirmation before updating (so thus manual update). Either way it keeps the outside data less.

This would let someone have a "test" hub that they update as soon as a new release comes out (which is still not automatic in itself). It would now retain the update file(s). Once they feel confident in it enough for further deployment they then go to the other hubs and tell them to update from the "test" hub over the mesh. That way they do not use the extra data going outside their network and depending on their uses they may never go outside the network (heck, it would allow them to be more secure because the router or firewall could keep them completely isolated from outside the network).

The act of storing the FW patch on a secondary hub creates another avenue of attack, and creates the potential for someone to develop an exploit that simulates an "authorized" hub.

1 Like

That might work if you had two identical hubs. However, I bet many multi-hub owners have an older hub such as the C-5 which they decided to keep online after upgrading to the newer C-7. In that situation, the update firmware might be different for the two hubs. Since firmware is so critical, it may best to leave things the way they are.

If I look at my Hubitat backups, they are about 2.5 MB in size. Back in the days of 9600 baud modems and dial-up Internet, that would be significant. Even 3G Internet can handle this easily. The old 3G system is being phased out this year in favor of 4G and 5G systems which are much faster..

2 Likes

What about as an alternative the ability to stage the update? Basically, separating the download part from the installation part. The download could be configurable to run automatically overnight but the update would await user interaction. This would not save you bandwidth but it would save you time.

This and probably a handful of other optimizations that could be pursued to minimize (allow modularization of) the necessary updated components before going as far as the OP's idea.

How long is it taking you to download the firmware updates? Even with a relatively slow Internet connection, it should not take more than a couple of minutes. I have a fast cable Internet and my downloads only take a few seconds, It is checking the integrity of the download package and the installation process that is slow.

I just click on the update button and everything else proceeds without intervention on my part. I can walk away and do whatever else I want. I can start the update on my computer, cellphone, or tablet; it does not matter. You could even initiate the upgrade process right before you go to bed.

I can understand why someone with a metered Internet connection might want to minimize an extra download, but I do not get the point about saving time since the only time required is activating the update with the click of a button and accepting the service agreement. What am I missing?

1 Like

Is the number of multi hub users growing?

2 Likes

I mean I guess one solution would be to allow a locally downloaded firmware file and then allow you to point the hub at that location for update. I don't know if @bravenel or others would go for that though.

An appropriately signed file would make it easy for the hub to prove it was an untampered firmware file.

I think the fact that this would create a local copy of the firmware is enough that it won't happen. The existence of that file outside of HE's direct control creates an exposure for the company that doesn't exist today, and the changes necessary to safeguard that approach are not insignificant nor without cost.

5 Likes

This seems like an edge use case to me, ie there just aren’t many users that have a compelling need for this. I wasn't being facetious above.

In addition, there seem to be potentially serious user security and/or company intellectual property breaches to protect against, which can only make this less appealing for staff to consider implementing.

3 Likes

Kinda what I was thinking with allowing a single download file.

2 Likes