Jump to content

Welcome to Smart Home Forum by FIBARO

Dear Guest,

 

as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.

 

As a member you can:

  •     Start new topics and reply to others
  •     Follow topics and users to get email updates
  •     Get your own profile page and make new friends
  •     Send personal messages
  •     ... and learn a lot about our system!

 

Regards,

Smart Home Forum by FIBARO Team


[Feature Request] - HC2 Backup modification


SmartStart

Recommended Posts

  • Topic Author
  • Hello all.

     

    Also happy that this issue is still in discussion.

     

    @Fibaro:

    Your concerns sound ok but what is the implication of that?

    User can only store their crucial backups on the "external" storage which is attached to the device. If device breaks probalitiy is high that the stick gets corrupted as well. And then? We have to send the whole unit to Poland. Apart from shipping costs it also means, no system at home for some days/maybe weeks!

    Thinking about the abilities of your standard user is great and important. Nevertheless I see it that when user buying HC2 and starting home automation they can handle a PC and are more or less able to take responsibility of backups. People who just are able to use a point-and-click systems will certainly not buy Fibaro but go for all those other cloud-based solutions with limited but more convenient funtcionality.

    Fibaro users are different in that.

     

    Apart from that, what prevent you from offering the choice for the user? Offer a standard backup configuration (like it is now) and a individual one (user can choose storage path - including local network path - for storing the backup files). So if user fears that this is over his/her head, he/she does.... nothing - and the backup storeage place is like it is now. Or user is able to handle backups and can configure another path.

     

    What troubles me still on top of that storage place discussion is the issue that I cannot replace my HC2 with another one and use the old backup files. Means in case the HC2 crashes and cannot be repaired, I have to get a new device and then **everything** is lost! :( I would have to start from scratch again. Not good.....!

    There are other solutions to prevent this while still provide security of the backup files or the system.

     

    It is a great thing that you constantly add new functions and provide new device support.

    But **please** do not foget such basic features for your great solution.

    Guess I repeat myself here..... home automation is about trust. Trust in the system (and manufacturer). As long as there is a danger, that I lose all my configuration, scenes, VDs etc. or I cannot control my home for one or two weeks because unit is shipped to somewhere due to a system break, how can I trust this system with the automation of my home??!

     

    You did a great job in the last months!

    You are reacting on user feedback, have shipped betas more frequent, included lots of new devices and funtions. This forum is MUCH better then it used to be.

    Please keep that up.

     

    Regards to everyone.... and may LUA be with us. :)

     

    Link to comment
    Share on other sites

    On ‎07‎.‎12‎.‎2016 at 7:25 PM, Lambik said:

    1 - Why there is no opt out for Google analytics? I saw in the Fibaro Android App an option can be made whether to send anonymous data to Fibaro for debugging. Why not implement something like that for the HC2 Webmin?

    2 - If security is giving priority, why can we still login (in local LAN) unencrypted?

    3 - Why isn't a button added, in the new beta configuration wizard,  'Skip this wizard (for advanced users only, activate at own risk)' ?

    4 - Something similar as point 3, but then for exporting backups to your own harddrive/Nas?

    5 - Why is the embedded HC2 debian Linux version not updated?

     

    Please share your point of view, I won't blame you afterwards :mrgreen:

     

    my opinion:

     

    1 - agree

    2 - Jesus no!!!! nobody need encrypted communication in LAN

    3 - it is already implemented 

    4 - you know my opinion about backups, they ok except the missing export/import button 

    5 - there is nothing wrong with that old and stable Debian, i don't need new kernel nor any of the features 

    Link to comment
    Share on other sites

    9 minutes ago, SmartStart said:

    What troubles me still on top of that storage place discussion is the issue that I cannot replace my HC2 with another one and use the old backup files. Means in case the HC2 crashes and cannot be repaired, I have to get a new device and then **everything** is lost! :( I would have to start from scratch again. Not good.....!

     

     

    that's not truth, one can migrate all the data from HC2 to HC2

    Link to comment
    Share on other sites

  • Topic Author
  • who is that one? :)

    Certainly not me as an end user.... but for such a system I would like to be that one.

    Link to comment
    Share on other sites

    2 hours ago, tinman said:

     

    that's not truth, one can migrate all the data from HC2 to HC2

    Hi @tinman,

     

    Can you please elaborate how data can be migrated from dead HC2 to new HC2? I don't think that it is possible except if you buy new HC2 before old HC2 die and migrate data in advance.

    Link to comment
    Share on other sites

    3 hours ago, SmartStart said:

    but for such a system I would like to be that one.

     

    why? What's wrong with sending broken HC2 to the store/reseller, or us, or Fibaro?

    Link to comment
    Share on other sites

    If mine developed an issue it would be back at Vesternet as i would be covered under the consumer law in the EU as it would be classed as 'not fit for purpose' basically reduces system functionality and both the manufacturer and distributor are aware of the situation. Forcing any additional cost to yourself as an end user is illegal from the manufacturer!

     

    They have to provide a product that should not fail for the same reason on many devices consistently within 6 years!

     

    Hopefully will not happen to me but you have legal rights! Ask Apple they love the EU consumer law! (and they abide by it)

    Link to comment
    Share on other sites

    Gents, the key issue is down time. I would like to see a system with a minimal risk e.g. minimal probability and minimal consequence. Consequence is to me (primarily) a function of time...

    Link to comment
    Share on other sites

  • Topic Author
  • 12 hours ago, tinman said:

     

    why? What's wrong with sending broken HC2 to the store/reseller, or us, or Fibaro?

     

    That should be one option out of at least two (2nd would be customer can do it as well).

    1st Reason:

    HC2 can be used with a myriad of other internal and external services. Therefore there are sensitive data stored on the device (auth keys, passwords and account information etc.). I would not like someone externally have access to those data while transferring backup. 

    2nd reason:

    Downtime. Sending the whole device across Europe (or for other users living outside of Europe - across the world) will result in a long downtime. Imagine users who use HC2 as a light security system and/or control their heating.....

    when things happen I can get a new HC2 device within one or two days. Then I could use backup to set up those new box and the automation is back alive within 2 days (IF we would have a chance to do that....). sending my old HC2 to someone and he send it back to me result in much longer downtime.

    3rd reason:

    Will your company or Fibaro do this service for free? Who has to pay shipping costs?

     

    So far I am not aware of other systems having such a closed backup policy (well, maybe there are some I am not aware of...). Again, it might be ok for other devices which are not that crucial for me and my family. But not for such a central system which - also based on Fibaros marketing - should make life easier....

     

    please keep this discussion alive.

    We should discuss all relevant issues and I hope Fibaro is going to join this actively.

    This is one of the most important issues on HC2 from my point of view. Device support is something for convenience (especially since one can support nearly all devices even without templates...), GUI issues are for convenience as well but THIS function is one of the core features.

     

    @Fibaro: could you please state your actual thinking on this?

     

    kind regards..... and may LUA be with us...

    Link to comment
    Share on other sites

    I also appreciate a kind of standby unit. I would pay for a second device just laying in my sideboard and wait to get used in case of an emergency...

     

    What I think would be possible is (or am I just dreaming?):

    • Adding this second HC2 as a second controller (so it is in the same z-wave network). 
    • In case of break down of the main (first) HC2 we just have to connect USB stick (or use any other backup solution that does not exist yet) to the second unit., update it to the same version and restore the backup.
    • The new unit will get the node id 1 and everything should work as before in less than half an hour (all device IDs should stay the same so we don't have to reconfigure every internal and external script)..
    Link to comment
    Share on other sites

    My Fibaro Home Center 2 is as the name indicates the central hub in my house, not only controlling z-wave, but tying into all the other systems and commanding almost all the different functions ("alarm", light, heating, ventilation, water, and the media systems).  To say a broken HC2 is an inconvenience is an understatement.

     

    So I have invested in a fall back/fail over (mobile) internet connection and UPS, but the single HC2 z-wave controller remains the Achilles´ heel of the system.

     

    I have now been waiting for years for Fibaro to fix this fundamental conceptual flaw, or at least to minimize it - e.g. to have a back up at hand ready to load to a new/spare HC2.

     

    So far during the years I have experienced two major breakdowns. The experience of shipping my unit to Poland and waiting for the return of a fixed (replaced motherboard) I rather not reiterate. It was a lousy two week period for my family.

    Edited by 1152
    Link to comment
    Share on other sites

    3 hours ago, SmartStart said:

     

    1st Reason:

    HC2 can be used with a myriad of other internal and external services. Therefore there are sensitive data stored on the device (auth keys, passwords and account information etc.). I would not like someone externally have access to those data while transferring backup. 

    which is why i prefer Fibaro gateways, no stress nor dependency on/with any external services (if not req., like weather or push/email, but even this can be done without Fibaro servers).

    The fact, that sensitive data is stored on HC2 is great from security point of view, but on the other hand it does have influence on downtimes in service case, see below

     

    3 hours ago, SmartStart said:

    2nd reason:

    Downtime. Sending the whole device across Europe (or for other users living outside of Europe - across the world) will result in a long downtime. Imagine users who use HC2 as a light security system and/or control their heating.....

    when things happen I can get a new HC2 device within one or two days. Then I could use backup to set up those new box and the automation is back alive within 2 days (IF we would have a chance to do that....). sending my old HC2 to someone and he send it back to me result in much longer downtime.

     

    having things stored in hardware, one have always downtime (time to get replacement hardware)

     

    3 hours ago, SmartStart said:

    3rd reason:

    Will your company or Fibaro do this service for free? Who has to pay shipping costs?

     

    There are people who hitchhike around the world, on almost no costs - except time. Others use planes, cars, bikes, taxi - and pay money to save time.

     

    Fibaro afaik, if HC2 still covered by manufacturer warranty, is doing this for free - except shipping costs of course. Remember, lot of things can be done remotely, and Fibaro provides (for a manufacturer) adequate service, for free (except phone costs).

     

    We not, we charge for service. We offer our emergency service to reduce downtime to minimum, e.g. for people who have spare HC2 we can reduce downtime to few hours (reaction + data migration time), or even virtually zero for those who have standby unit (unplug main HC2, plugin standby HC2 and power on). We do not force nor incite customers to get spare/standby unit, for most customers it is good enough to get replacement unit on next day. 

     

    A quick overview what are the differences;


    spare unit:

    drawbacks -> our reaction time, time to get data synced, fw updated, etc

    advantages -> no initial costs (except spare HC2 costs of course)

     

    standby unit:

    drawbacks -> initial costs (the data need to be once cloned), additional sync costs extra money (

    advantages -> downtime virtually zero 

     

    no unit:

    drawbacks -> time to get hardware, time to get things restored

    advantages -> no initial costs at all

     

    Additionally we do provide repair service, e.g. for units not covered with manufacturer warranty, this costs money as well, but i think this is clear to everybody.

    Link to comment
    Share on other sites

  • Topic Author
  • @tinman

    I do not really understand why you think the actual limited backup solution is the best way to do backup (at least I got the impression from your answers... but maybe I got you totally wrong...).

     

    Especially because all data are stored on the device means a backup should be located somewhere else, NOT on any storage attached directly to the unit.

     

    And what I meant with sensitive data stored in HC2 ('...myraid of other internal and external services...') means not that I prefer cloud based services. I have bought Fibaro's HC2 especially because I not want those data stored somewhere else... only to see now that I cannot create a backup in another location (topic #1) and I am not able to use that backup (if #1 is possible some day soon...hopfully!!) for a spare unit (topic #2). And on top I would have third parties involved to migrate data from one unit to another one and therefore theoretically being able to access all those sensitive data (topic #3).....

     

    In one of my former posts I already offered a possible solution approach to have the same security level while at the same time provide user with the possibility to migrate from one unit to another one (from my first post in this thread):

     

    On 28.6.2016 at 11:50 AM, SmartStart said:

     

    Maybe some Statement of Needs to start with:

     

    - system should create a secured(/encrypted) backup of all

    Please login or register to see this image.

    /uploads/emoticons/default_icon_exclaim.gif" />  HC 2 data (secured with internal Fibaro signature/key)

    - user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

    - backup file should be stored outside HC2

    - user should be able to define place to store backup file (network, PC harddisk, USB stick)

    - backup file should be restorable on new HC2 gateway <- most important!

             Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

             to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

             missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

     

    Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

     

     

    (still... Fibaro could provide a standard backup (= as it is now) and an expert mode (= more user responsibilities but more flexible)

     

    About downtime:

    I always thought you need to have physical access to the spare unit and the broken unit (or at least the emergency stick with backups). How is it possible for you to reduce downtime to hours if user has spare units?

     

    I NOT want to crash you business here. I am very happy that there seems to be at least some possibilities which your company has, but not other users. Just due to my topic #3 and the downtime, I would like to do that myself.

     

    I hope Fibaro ( @T.Konopka ) adds to this discussion and we all can create a solution for this crucial feature request.

     

    Kind regards to all who participate (and all readers as well :) ).

    And LUA.... well I think it is strong here anyway :)

     

     

     

    Link to comment
    Share on other sites

    I would prefer at "hot" standby unit, e.g. preferably some sort of automatic failover if main HC2 fails, or if this does not happen, a way to (remotely) command the change over. I presume this would require a sort of continuous back up prosess / mirroring or similar  redundancy.

     

    I believe this type of fault tolerance ultimately will materialize (just as some sort of RAID is common on NAS). That is if z-wave and Fibaro want to be a prime / the preferred solution.

    Link to comment
    Share on other sites

    On 14-12-2016 at 3:40 PM, tinman said:

     

    my opinion:

     

    1 - agree

    2 - Jesus no!!!! nobody need encrypted communication in LAN

    3 - it is already implemented 

    4 - you know my opinion about backups, they ok except the missing export/import button 

    5 - there is nothing wrong with that old and stable Debian, i don't need new kernel nor any of the features 

    2 - Excuse me? I have all communication in my LAN encrypted. You may never know if a LAN device is compromised and hackers are monitoring your local network for access to other devices connected on your network. A lot of devices, like (old) routers, NAS devices, IoT-devices are known to be compromised to gain access to a local networks, not to mention the weakness of WiFi. Security is as strong as the weakest link!

    5 - Even in Debian, or other Linux distros, there are vulnerabilities. Normally this vulnerabilities are 'patched' with updates from the distros repositories. So far as I know this is not (automatically) done by the HC2. I didn't notice any communication to the package source of the Debian repository. So it looks like iit's not maintained, but I'm not sure. I have to investigate this by gaining root access, but maybe you already have any insight on this?

    Link to comment
    Share on other sites

    14 minutes ago, Lambik said:

    2 - Excuse me? I have all communication in my LAN encrypted. You may never know if a LAN device is compromised and hackers are monitoring your local network for access to other devices connected on your network. A lot of devices, like (old) routers, NAS devices, IoT-devices are known to be compromised to gain access to a local networks, not to mention the weakness of WiFi. Security is as strong as the weakest link!

     

    then you should know how insecure are embedded devices with exact the same private keys in each of them. No thanks, if someone is already in my network, then i have much bigger issues than some blinking lights or doors being open the whole night. I don't need to run with umbrella, ski suit and suncream trough my house only because maybe one day the house roof can breaks ... but that's me, others think different, for sure.

     

    14 minutes ago, Lambik said:

    5 - Even in Debian, or other Linux distros, there are vulnerabilities. Normally this vulnerabilities are 'patched' with updates from the distros repositories. So far as I know this is not (automatically) done by the HC2. I didn't notice any communication to the package source of the Debian repository. So it looks like iit's not maintained, but I'm not sure. I have to investigate this by gaining root access, but maybe you already have any insight on this?

     

    majority vulnerabilities with this Debian 2.6.32.5 are related to services not enabled/not running on HC2.

    But for sure Fibaro could force an update to 2.6.32.71 (which is the latest 2.6.32), however i don't see a reason to get 4.9 installed

     

    Link to comment
    Share on other sites

    9 minutes ago, tinman said:

     

    then you should know how insecure are embedded devices with exact the same private keys in each of them. No thanks, if someone is already in my network, then i have much bigger issues than some blinking lights or doors being open the whole night. I don't need to run with umbrella, ski suit and suncream trough my house only because maybe one day the house roof can breaks ... but that's me, others think different, for sure.

    Then we agree to disagree. ;-)

     

    9 minutes ago, tinman said:

    majority vulnerabilities with this Debian 2.6.32.5 are related to services not enabled/not running on HC2.

    But for sure Fibaro could force an update to 2.6.32.71 (which is the latest 2.6.32), however i don't see a reason to get 4.9 installed

    Okay, thanks for the info.

    BTW do you know, when having root access and update it my self to 2.6.32.71, it could break down the HC2?

    Edited by Lambik
    Link to comment
    Share on other sites

     

    40 minutes ago, SmartStart said:

    @tinman

    I do not really understand why you think the actual limited backup solution is the best way to do backup (at least I got the impression from your answers... but maybe I got you totally wrong...).

     

     

    you got me wrong, i wish there would be an export/import option (see page one of this topic). That is enough,

     

    Quote

    About downtime:

    I always thought you need to have physical access to the spare unit and the broken unit (or at least the emergency stick with backups). How is it possible for you to reduce downtime to hours if user has spare units?

     

    magic ^^^

     

    40 minutes ago, SmartStart said:

    I NOT want to crash you business here. I am very happy that there seems to be at least some possibilities which your company has, but not other users. Just due to my topic #3 and the downtime, I would like to do that myself.

     

    it is not what you think, there is no problem with losing money, nor to post detailed how-to repair/migrate/xxx, but the "problem" is on Fibaro side of this story. Why? Very simple:

     

    Please login or register to see this link.

      nr 14.:

     

     - damage resulting from the use of non-original spare parts and equipment, unsuitable for a given model, or resulting from repairs and modifications carried out by unauthorized persons;

     

    They simply don't want that unauthorized persons are playing with the recovery stick, that's all. And yes, to get data moved from HC2 to HC2 you have to unplug both and access to both, which render the warranty void (due to §14). An accidentally damage risk is additional problem. And we, as Fibaro Partner, have to accept their request to not invite customers to render manufacturer warranty void. No more, no less.

     

    Quote

    I would like to do that myself.

     

    Now please be honest, and tell me, if your iPhones display is broken, do you exchange the display by yourself? Do you? ok, but what if NAND memory is broken, do you exchange it as well? And what with Apple asic? The point is, i could do this, i have enough equipment here, but why for? There is perfectly working service which will do this for me. Same for my car, why in the hell i have to change wheels? There are ppl, who have maybe children / family, i can not just take their job and do everything myself. If they do that job, i have still my insurance, i can sleep well.  So why not with Fibaro / Smart home ? Because "i could do" something, hell no, one can spend days to code nice things and let others - who knows how - to do their job.

     

    Link to comment
    Share on other sites

    1 hour ago, Lambik said:

    BTW do you know, when having root access and update it my self to 2.6.32.71, it could break down the HC2?

     

    i guess yes, it will break the system. Sure, I did updated / added some packages on my plugin dev unit, but never touched kernel.

    Link to comment
    Share on other sites

    We have some very knowledgeable persons attending the forum. That said I belive what is asked for in regard to a back up/standby solution should be provided by Fibaro on a par with the rest of the system.

     

    If I can do it on my router/sw/AP why not on a z-wave controller/gateway like the HC2?  

    Link to comment
    Share on other sites

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    Reply to this topic...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×
    ×
    • Create New...