Hubitat - How much can be seen?

aaiyar · November 7, 2019, 2:45pm

At the University of Minnesota. In 1993, I wrote a gopherd for Phil Karn's KA9Q NOS that ran over DOS.

Farhad Anklesaria (from UoMinn) helped me quite a bit.

jon1 · November 7, 2019, 4:58pm

What is the IP transport/mechanism by which you access the logs and diagnostic data? Im guessing you are able to execute commands on the hub over its websocket to make it upload these logs to the cloud? or is there a back door for ssh with a port held open on NAT?

bravenel · November 7, 2019, 5:23pm

Sorry, we're not going to provide details about this out of an abundance of caution with respect to security and privacy.

SmartHomePrimer · November 7, 2019, 6:22pm

[quote="bravenel, post:19, topic:26392"]
We can't see your...lock codes[/quote]

This would be only if encryption is enabled in the lock driver correct? Otherwise the lock codes will be shown in the log when used, aren’t they, or is that only when debug is enabled? Basing that question on my memory alone at the moment.

5fe94872fdbd2dbd06a8 · November 7, 2019, 7:09pm

bravenel

(Hubitat - How much can be seen? - #43 by bravenel)
jon1 Owner

What is the IP transport/mechanism by which you access the logs and diagnostic data?

Sorry, we're not going to provide details about this out of an abundance of caution with respect to security and privacy.

Security through obscurity.

Long track record of being the right choice...

5fe94872fdbd2dbd06a8 · November 7, 2019, 7:13pm

corerootedxb

7h

My first email account was with HoTMaiL and the only way to get to it was via gopher back then, that was in 1996. I still have the same account.

Yeah, that would put us close to the same age group. My first true "email" account was on FidoNet in 1992 and then I moved over to CompuServe in 1994.

First email address at work? Hmmm... 1987, with UUCP bang paths (y'all can google that).

bravenel · November 7, 2019, 7:24pm

OK, call it proprietary information that we choose not to disclose, if that makes you happier.

Eric.C.Miller · November 7, 2019, 7:42pm

First e-mail client of mine was Pine or Elm, I don't recall which one. We ran our own server - Sendmail, as I recall.

corerootedxb · November 7, 2019, 7:42pm

I know the ports that are already open on the hub, but I don't see how they would NAT a port without the users knowing (at least us that are network savvy).

If I didn't trust HE, I'd be inclined sniff the outgoing traffic from the hub to the cloud, but after interacting with a lot of these guys over the years on the ST forums and here, I don't see any reason not to trust them.

5fe94872fdbd2dbd06a8 · November 7, 2019, 7:54pm

I think the solution that would make me -- any most of the people reading this thread -- happy would be if there was a "support dump" mechanism on the hub the produced text output (JRE logs, HE software version, hardware firmware, etc, etc) with instructions on how to send that to hubitat.com for support (mail, web upload, etc.), rather than any means of remotely connecting to the hub.

That would assuage the security concerns of us tinfoil-hat types by allowing hubs to be air-gapped or firewalled from the internet and by giving us insight into the data that is exported, while ensuring that you get the info you need, in a consistent, parsable format.

By the way, can you please check my Hub remotely and tell me if the garage door is really open (as it's been alerting today) or if it's a false alarm from the tilt sensor?

PPz · November 7, 2019, 8:04pm

Do you remember Telix and those "fancy" pics (printed in less than an hour on our superb matrix printers and hanged on the wall) sent using that slomo Xmodem protocol ?

Pics flagged. Removed. Amen

HAL9000 · November 7, 2019, 8:12pm

If you have a Nest smoke alarm, they could get that info from Google.

mik3 · November 7, 2019, 8:12pm

Darn, I liked the picture. i thought it would get flagged. lol

Yes Telix rocked. I used it for dial up too.

PPz · November 7, 2019, 8:13pm

Flagged ! Wow, an ascii pic...

mik3 · November 7, 2019, 8:16pm

I have this gut feeling this thread may get closed too....

Hopefully I didn’t just start a big security concern for everyone.

I was just curious what the staff could actually see from their end....

PPz · November 7, 2019, 8:18pm

What did we say about the time ? Huhhhhh.... 1984 ?

bravenel · November 7, 2019, 8:25pm

Dream on. Not going to happen.

You are certainly free to air-gap your hub if you are concerned about security, and don't need any of the cloud based services or mobile app/Dashboards. Of course, you will have limited support options with no connection, but that's fine with us.

corerootedxb · November 7, 2019, 9:06pm

Yeah, that's never going to happen with a closed source system. Honestly, for that level of openness, one would need to run something like OpenHAB or Home Assistant. Hubitat is a commercial product and they have to protect their assets. Even as a security focused individual, I would never expect them to just dump the internals of the hub into a textual format.

anon61068208 · November 7, 2019, 9:10pm

Oh no you didn't !!

Attention People !!! We have a true god of the internet here.

You sir are famous. I loved gopher and had a ton of fun using it. Thank you for all of that.

anon61068208 · November 7, 2019, 9:12pm

That's not a bad idea

I hope not - it's the best thread I have read in weeks.