
Internet of things

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Internet of things

I have recently installed a SONOFF internet switch which enables me to turn my central heating on and off remotely when I am away by accessing my broadband router.  It works well and has been a god-send.

 

However, I am now getting a little anxious about security because I had to register my wi-fi password in order to allow access to the SONOFF.  Does this mean that in fact some server in China now knows my SSID and password ?  If that is the case, am I really exposed or is the security risk manageable ?

16 REPLIES
Community Veteran
Posts: 4,746
Thanks: 1,045
Fixes: 27
Registered: 16-10-2014

Re: Internet of things

@shermans - Where was this registration done?  If you registered via the device then I don’t think so, unless it dials home, but if this was a remote site then in theory yes.

Also, anyone knowing your WiFi password, should they want to make use of it, would need to be in the vicinity of your Wireless Network.

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Re: Internet of things

Thanks for the reply.  The registration is made through an APP called EWE-LINK.  You open an account and then pair the SONOFF.  The overview of the system reads :

"eWeLink is a smart home control APP that can control all ITEAD home automation devices and cooperated products. The smart home devices connect to home appliances and electronic devices via WiFi, allowing you to remote control through APP eWeLink. With eWeLink, users can control and manage more than hundred smart home devices of 80 brands."

The process for registering is :

"Input a correct mobile phone number, then your phone will receive an SMS containing a verification code.  Fill in the verification code and password, confirm password and submit.

WiFi Pairing

eWeLink obtains device status and controls devices by sending commands through cloud server. That means all devices must first connect to WiFi router and connect to our Amazon AWS server. So every new device must be paired with your home WiFi and added to eWeLink account.

Before adding a device, Android phone must open WiFI.

Step 1. Long press on your device WiFi pairing button until it is fast blinking.

 

Step 2. Enter your home WiFi SSID and password.  Tap NEXT.

Step 4. eWeLink will auto-search and connect your device. "

 

 

My worry is that this may have compromised my security as it appears that a server somewhere in China will hold details of my WiFi password. I hope I am wrong !

Community Veteran
Posts: 4,746
Thanks: 1,045
Fixes: 27
Registered: 16-10-2014

Re: Internet of things

@shermans - From your last post this, to me at least, doesn't say, nor imply, that your WiFi details are held remotely, but merely 'attached' to the device within your home. However, that's not to say these details aren't forwarded to the vendor as part of the registration process the device does when it accesses the cloud.

As this is worrying you, contact their customer support and ask them (via email, so you have a record of reply) outright if these details are stored by them or any third party outside of your LAN.

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Re: Internet of things

I emailed ITEAD / SONOFF and got the following reply - love the Chinese English !

 

"The password stored on sonoff device.didn't stored in the cloud.  I think it needn't wrong too much."

That seems to answer it !  Thanks for the suggestion.

Yorkshirekev99
Dabbler
Posts: 17
Registered: 31-07-2015

Re: Internet of things

^as Mook said, it's just the same as joining the WLAN with a new phone or PC. However, IOT devices are vastly unknown entities at present - I couldn't be convinced that the software authors are following security best practice. It would be a good idea to consider creating a separate SSID for IOT devices so that they're not on the same network as your home PC / phone. Also, if your router supports it, turn on wireless isolation, which prevents wireless devices talking to each other. This may mean you have to control your heating through a web portal even when at home, but it will give you better protection.

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Re: Internet of things

Thanks Dabbler.  That is helpful.

However, I don't know how to set up two SSIDs ?  I have a BT Homehub 5.  Do you know, by any chance ?

Yorkshirekev99
Dabbler
Posts: 17
Registered: 31-07-2015

Re: Internet of things

I assume by Dabbler you mean me... Wink I don't know the Home Hub I'm afraid. I believe they're fairly simple, so might not support more than one network. If it's possible, I'd just expect a button to add a new network.

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Re: Internet of things

Sorry, I thought that was your ID !

I have found out how to do it on the BT Homehub.  Basically, one SSID for 2.4 GHz and one for 5 GHz.  Not ideal but it will work.

Thanks for the tip.

Moderator
Moderator
Posts: 25,756
Thanks: 1,120
Fixes: 47
Registered: 14-04-2007

Re: Internet of things


Yorkshirekev99 wrote:

I assume by Dabbler you mean me... Wink

Some people mistakenly refer to the member's rank level name (e.g. Dabbler) rather than the member's forum name (e.g. Yorkshirekev99) Wink


 

Customer and Forum Moderator.
Product of the Tyrell Corporation
Browni
Seasoned Champion
Posts: 1,515
Thanks: 426
Fixes: 35
Registered: 02-03-2016

Re: Internet of things

@shermans using a different SSID for the different frequencies doesn't give the isolation which @Yorkshirekev99 was referring to.

I've just tried it on my Hub One (effectively a rebadged Homehub 5a) and my tablet connected on the 2.4GHz band could access my PC on the 5GHz band and vice versa.
I must have been really bad in a previous life. This is my 3rd ISP in a row that uses lithium.
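
Added example, not part of any forum post: a scripted version of the reachability check described in the reply above, to be run from a device joined to the IoT SSID. The function names are hypothetical and the target addresses and ports are constructed placeholders for devices on your own main network.

```python
import socket

def probe(host, port, timeout=2.0):
    """Classify one TCP connection attempt made from the IoT-side device."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"         # full handshake: the host is reachable
    except ConnectionRefusedError:
        return "refused"          # host answered with a reset, so it is still reachable
    except OSError:
        return "no-response"      # timeout or unreachable: consistent with isolation

def check_isolation(targets, timeout=2.0):
    """targets: iterable of (label, host, port). Returns (isolated, results)."""
    results = {label: probe(host, port, timeout) for label, host, port in targets}
    # Any reply at all, even a refusal, means traffic crossed between the devices.
    isolated = all(state == "no-response" for state in results.values())
    return isolated, results

if __name__ == "__main__":
    # Constructed sample targets (assumptions): pick ports you know are open
    # on each device, otherwise a host firewall can mimic isolation.
    targets = [
        ("pc-file-sharing", "192.168.1.10", 445),
        ("nas-web-ui", "192.168.1.20", 80),
    ]
    isolated, results = check_isolation(targets)
    for label, state in results.items():
        print(f"{label}: {state}")
    print("isolation in effect" if isolated else "devices can still reach each other")
```

A "refused" result counts as a failure of isolation because the reply came from the target host itself; only silence on a port known to be open suggests the access point is blocking client-to-client traffic.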
Yorkshirekev99
Dabbler
Posts: 17
Registered: 31-07-2015

Re: Internet of things

Good point @Browni, I thought that may be the case as well. Does it support wireless isolation? That would mean the "thing" could only connect to the "internet", and not other home devices - unfortunately, it would also apply to all wireless devices, so would break anything like AppleTV and possibly other broadcast / multicast / peer to peer products.

shermans
Rising Star
Posts: 1,052
Thanks: 27
Fixes: 1
Registered: 07-09-2007

Re: Internet of things

You are right.  I have just tried it and I can still see everything on my HomeGroup in both 2.4 and 5 GHz irrespective of whether the other computers are logged onto the same GHz.

However, I have also discovered that there is an apparent difference in the signal strength between 2.4 and 5 GHz.  2.4 GHz is at full strength while 5 GHz is only three quarters strength, even though the computer is right next to the router.

 

I think I am going to switch back to synching the two as signal reach in my old cottage with thick cob walls is always poor (To use WiFi, I need to have two additional routers connected by ethernet plus a TP Extender !)

Yorkshirekev99
Dabbler
Posts: 17
Registered: 31-07-2015

Re: Internet of things

The higher the frequency, the shorter the wavelength, and the harder it is for the signal to pass through solid objects, so you may find 2.4GHz passes through walls better. However, there are other variables, like 5gig doesn't travel as far but is less crowded than 2.4gig, so there is less interference. There shouldn't be a noticeable difference when you're so close though, but it may be that the HH 5gig radio is lower quality.

LeeT
Newbie
Posts: 2
Registered: 3 weeks ago

Re: Internet of things

Hi shermans... I found your post mentioning sonoff you are using to control your heating... I have done same, now looking for ways to make it easier to use. The ewelink is clunky... the most expensive thing to run in a home is the heating and I should have spotted that NOBODY was mentioning use of sonoff for this purpose... it’s a subtle thing but it cannot pass the spouse test as it is now.... I shouldn’t post to this dormant thread but cannot send pm yet and you have no “contact me” details showing. Appreciate any comments or info any might share. (Should be by new thread/pm/elsewhere though...) thanks