First Experience with UPB

Yes, there is the Network ID which is akin to X10 house code, then the Network name is just descriptive for reference. Then there is the Unit ID. If someone knows the Network ID and Unit ID they should be able to control your devices. There is also the network password which is used to prevent outsiders from writing to your switches, so while they can send on/off/dim commands, they can not make changes to the switches without the password..
 
The Insteon RF repeaters are promiscuous and have no access control. If you have several neighbors in good RF range, you'll bridge all your houses together.

I thought you needed to start the set cycle on the first signal linc to add others to the setup. If so, wouldn't a neighbor need to add his signallinc at the same time you were adding yours? As otherwise it won't just automatically link with the other network, even if it is next door.

I'm relatively new, so I could be way off, but do they really just add to an existing network when a new signallinc is seen? (I only have two at the moment for my testing).

I suppose this could get trickier later if individual units add RF as well.
 
Steve: Yes, you can't make changes to the settings without the password. But you CAN turn devices on and off. And, if you leave a sniffer running, you'll see packets if/when you victim ever runs UPStart and they will contain the password. Or you could periodically send an active probe for devices in setup mode and hope to catch one when the victim adds or changes links.

But, with UPB, you can SEE if somebody is trying to mess with you. If your neighbor gets UPB toys and has evil inclinations and your lights or appliances start turning on/off, you'll be able to see it happening in your log files. And you'll be able to mess with them back and see who's lights are blinking, thus identifying the culprit.

With Insteon however, you won't be able to see anything of the sort. You used to be able to see that "something" (of which the details were scrubbed out) got sent over the wire that isn't registered with you, but not any longer. It used to send a message to the host computer saying to the effect of "I saw a packet I dont recognise". Now it is utterly silent. And the good part is that Insteon switches will respond to your evil neighbor when he scans device space. And there is nothing you can do to stop it, no way to identify the culprit, and no way to even tell the difference between a device malfunction and an evil neighbor. You can't even tell if somebody is doing a scan on you.
 
Call me naive, but I'm not worried about evil neighbors. Honestly this whole thing sounds like making mountains out of molehills. I can see the neigbors now... "Look honey, I figured out a way to turn Steve's lights on and off, oh cool, look, I can make them blink too". If thats the extent of the damage then God bless them, they need a life. It's not like they hacked into your network and have access to all your personal info, financials, etc. and can steal your identity or something. Also, that person would have to be pretty tech savvy and probably be real easy to identify. I guess it could be useful for that 1 in a billion time when maybe you get hijacked, but I would not let the lack of it stop me from using either protocol. I love my MTV, I mean UPB.
 
Mike: No, signalinc-RF's are totally promiscuous. The set button does nothing except help you find phases. There is NO LINKING of signalinc-RF's. None at all. They work just the same if you've never even pressed the set button.

If your neighbor's signalinc-RF is in range of yours, it will happily bridge your houses networks together, and will repeat the messages at full strength in each house.
 
Steve: One of the stated goals of the Insteon project is to get the cost of embeddable controllers down so that small devices can be embedded on controller boards of things like fridges or other home appliances. Being able to mess with a fridge or freezer (on/off/temperature) or an Insteon controlled HVAC system (imagine heat setpoint pushed to 95F while you're away for a month) is a far different matter than turning a light on or off. That scenario can cost real money.

For lights, its a non issue. For appliances it could be, especially if the Insteon folks get their way with pervasive embedding in appliances. I know that if an evil neighbor turned my UPB controlled aquarium water fill system on for more than 60 minutes, I get floods. I can switch to a relay IO board, but I happen to know that there are zero other upb users in range so I haven't been motivated enough to get around to doing it. I won't be able to tell that with the new PLCv2.
 
Not knowing the UPB side, an easy approach that might solve their issue is to release an updated set of SignalLinc's (and I may be missing some edge cases on this as well) that allow you to set the equivalent of a MAC address filter for wireless networks. That would mean they would only listen to preprogrammed Insteon addresses.

The best way to do this: unclear. Perhaps a USB module with some software on the PC (which sounds somewhat similar to UPStart with some additional security functions, although Insteon devices don't currently have any memory themselves, and in this case the signallinc's could be upgraded to be able to understand that).

If this approach works, why not the same equivalent for UPB?

I'm not sure of how UPB assigns ID's (but I think they do) but Insteon ones are XX.XX.XX which won't take a lot of memory to store a number of them that people are not likely to exceed (even if it was only thousands, how likely is one person or site likely to exceed it? Say it was enough to store 64K items, everyone should be happy, might just be an inventory nightmare for truly immense installations.
 
The potential shortcoming to that approach is that the source address can be spoofed. Both Insteon and UPB have both the source and destination addresses in each packet, so it's easy to determine the address to spoof.

Insteon's illusion of security is to have their computer interface always return the high two bytes of the address as zeros to the host computer. But there are two ways that you can get around that: You can use a homemade or modified Insteon device to give you the full address, or you can try all 65,536 combinations of the devices address in a couple of hours.
 
Back
Top