Jump to content

[Feature Request] - HC2 Backup modification


Recommended Posts

Hi @ll.

 

Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.

 

Since we rely more and more on the HC2 to manage our homes, a proper backup solution for the HC2 is needed urgently as well. No one can send HC2 away for days or weeks. There should be a way to fulfill security issues on one hand and user requirements on the other in one solution.

 

Maybe some Statement of Needs to start with:

- system should create a secured(/encrypted) backup of all :!:  HC 2 data (secured with internal Fibaro signature/key)

- user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

- backup file should be stored outside HC2

- user should be able to define place to store backup file (network, PC harddisk, USB stick)

- backup file should be restorable on new HC2 gateway <- most important!

         Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

         to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

         missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

 

Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

 

Hope you can consider this solution.

 

Thanks a lot.

 

And thanks a lot for optimizing this forum as well. Seems to me in the last days were a couple of very positive changes here! Please go on like this! :-D

 

Regards to all.

 

Link to post
Share on other sites
  • 4 weeks later...
  • Replies 147
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Hi @ll.   Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.   Since we rely more and more on the HC2 to manage ou

What ever type of backup procedure is implemented is OK as long it is possible to transfer backup to new HC without needing Fibaro engineers to participate. Fibaro, you must find a way to make migrati

Why not link backup to home.fibaro.com account?   Or possibility to create backup on a NAS or PC. There could be text window, where you put IP adress and path to exact folder and HC2/HCL, could save

Posted Images

Just wanted to push that issue again.

Do other users have ideas for the backup as well?

We should put them all together here so that Fibaro get our feedback on Backup here.

Still feel a bit 'uneasy' with the actual backup since I would have to start from scratch again (regarding device inclusions and IDs) when system would break.

May LUA be with us ....

Link to post
Share on other sites

Fo HCL, there could be some possibilities, becouse HCL backup is not much backup if it cannot be transfered to another HCL by regular user (with admin account to HCL).

Some Ideas:

  • Link Backup to home.fibaro.com account, if HCL is linked to home.fibaro.com account. And make possible to restore this backup in another HCL if it die.
  • Backup to user PC and possible restore to another HCL.
Link to post
Share on other sites

Hi @ll.

 

Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.

 

Since we rely more and more on the HC2 to manage our homes, a proper backup solution for the HC2 is needed urgently as well. No one can send HC2 away for days or weeks. There should be a way to fulfill security issues on one hand and user requirements on the other in one solution.

 

Maybe some Statement of Needs to start with:

- system should create a secured(/encrypted) backup of all :!:  HC 2 data (secured with internal Fibaro signature/key)

- user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

- backup file should be stored outside HC2

- user should be able to define place to store backup file (network, PC harddisk, USB stick)

- backup file should be restorable on new HC2 gateway <- most important!

         Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

         to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

         missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

 

Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

 

Hope you can consider this solution.

 

Thanks a lot.

 

And thanks a lot for optimizing this forum as well. Seems to me in the last days were a couple of very positive changes here! Please go on like this! :-D

 

Regards to all.

 

 

Just wanted to push that issue again.

Do other users have ideas for the backup as well?

We should put them all together here so that Fibaro get our feedback on Backup here.

Still feel a bit 'uneasy' with the actual backup since I would have to start from scratch again (regarding device inclusions and IDs) when system would break.

May LUA be with us ....

 

i very much agree that for expediency and safety it is allways better to have HC units not bound to backup in anny way and just have them saved on external source OR even Fibaro cloud (incase HCL particullary, because i do not want to put too much preassure on Fibaro demanding it has a USB port Atop other outreageous demmands such as more memory in both ROM and RAM those i will not give up).

 

Personaly i would think that binding recovery to specific unit is more troubble than it is worth. you should be able to access your backup via input of code and being connected to just anny HC2 (second aprt of code could be provided by Fibaro offcourse if they insist over the connection). From my perspective there is allready most of what is needed (patch from file could be load saved state and patch from file) just need it across all 2 units.

Link to post
Share on other sites

Hi @ll.

 

Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.

 

Since we rely more and more on the HC2 to manage our homes, a proper backup solution for the HC2 is needed urgently as well. No one can send HC2 away for days or weeks. There should be a way to fulfill security issues on one hand and user requirements on the other in one solution.

 

Maybe some Statement of Needs to start with:

- system should create a secured(/encrypted) backup of all :!:  HC 2 data (secured with internal Fibaro signature/key)

- user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

- backup file should be stored outside HC2

- user should be able to define place to store backup file (network, PC harddisk, USB stick)

- backup file should be restorable on new HC2 gateway <- most important!

         Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

         to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

         missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

 

Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

 

Hope you can consider this solution.

 

Thanks a lot.

 

And thanks a lot for optimizing this forum as well. Seems to me in the last days were a couple of very positive changes here! Please go on like this! :-D

 

Regards to all.

 

Hello,

 

Thank you for sharing your suggestion and idea. However, your description concerns securing and managing the backup files more than the process of a backup.

 

Your suggestion presents many processes/actions dependent on a single user - for example "a key phrase". What happens when a user forgets the key phrase? Going further, "a user should be able to define a place to store a backup file (network, PC harddisk, USB stick)" - access to a backup file will depend only on a user so support may not be able to help in many cases. This is just my insight.

 

I will forward your ideas to our team for debate.

Link to post
Share on other sites

Hello back.

I am happy that we could start a discussion on that topic since it is an important one.

Of course you have valid points with your thoughts.

Maybe it would be possible to have some option like 'standard' and 'experienced' so that user have an option to choose.

On the other hand I doubt that 'the convenience user without some IT experience' would choose HC2 as the system of choice because HC2 provides many options. Those are used by IT experienced users.

Therefore I think it is OK to put responsibility towards the user in this case.

Because what is the other option? HC2 and/or the recovery stick breaks. Then we have to send the whole system to you which means that the house is without controller. For any PC that might be an OK process but not for a system controlling a house including heat and alarm.

Therefore I wish for more 'external' backup possibilities including the feature to use a backup made with one HC2 on a new one.

Of course I am open for discussions and other views on this matter :)

May LUA be with us ..... :)

Link to post
Share on other sites

Hello,

 

Thank you for sharing your suggestion and idea. However, your description concerns securing and managing the backup files more than the process of a backup.

 

Your suggestion presents many processes/actions dependent on a single user - for example "a key phrase". What happens when a user forgets the key phrase? Going further, "a user should be able to define a place to store a backup file (network, PC harddisk, USB stick)" - access to a backup file will depend only on a user so support may not be able to help in many cases. This is just my insight.

 

I will forward your ideas to our team for debate.

yayy thanks for replying!

 

Well yess users might forget their codes but that happens all the time in all sorts of system, if they forget than that is their problem. Allso as i mentioned the cloud or component of restoring where Fibaro would have an authentication say in this matter might be helpfull (in order to restore backup on new HC you'd have to be connected to internet and verify that you are owner of Fibaro account by being loged in). its bit clumsy solution but could be sortof helpfull if user forgets their backup password.

 

Yes fibaro will not have pernament unlimited access to those backups. But you do nto need to have that much access to it do you? it is enough to have access to backup whenever it is needed for troubleshooting and or restoring. and at that point it would have been pluged in (incase of USB stick).I do not think i see problem you are seeing in this regard - HC2 woudl kep its default flashdrive and users would just coppy stable backup unto new one and boom problem delt with secondary backup incase something goes wrong on primary backup or unit itselve.

Link to post
Share on other sites

Why not link backup to home.fibaro.com account?

 

Or possibility to create backup on a NAS or PC. There could be text window, where you put IP adress and path to exact folder and HC2/HCL, could save/load backups from there and user will have their backups in his devices.

 

But i would preffer, if units could load backup from another unit. I do not know, if it would be even possible, becouse Gateway network ID should change accroding to network ID in backup.

Link to post
Share on other sites
  • 3 months later...

What ever type of backup procedure is implemented is OK as long it is possible to transfer backup to new HC without needing Fibaro engineers to participate. Fibaro, you must find a way to make migration of system from old to new HC doable by users alone. As I mention once before, if in some future you release new version of HC box current users must be able to replace old box with new one without effort.

Link to post
Share on other sites
  • 2 weeks later...
Quote

Your suggestion presents many processes/actions dependent on a single user - for example "a key phrase". What happens when a user forgets the key phrase? Going further, "a user should be able to define a place to store a backup file (network, PC harddisk, USB stick)" - access to a backup file will depend only on a user so support may not be able to help in many cases. This is just my insight.

 

Thank you all for keeping the discussion on another backup solution alive.

 

For T.Konopka I can only say that any backup solution is better than none at all.


My Recovery stick has been inoperable for over a year now and I have no backup solution at all!
I would be VERY GRATEFUL to be able to backup an ordinary USB memory stick.


I'm absolutely not afraid that someone would steal my unprotected backup.

If I repair my Recovery stick for expensive money, then I would be more afraid that it will become broken again, than anyone would steal my backup!

 

How do you Fiboro people think about backups? It is not my personal mail or documents in this backup. Just the light in my house!

Edited by RH_Dreambox
Link to post
Share on other sites

Fibaro, as mentioned before (a lot!), it's all about freedom of choice. Let us decide what to use or not and us to decide to accept the consequences.

Link to post
Share on other sites

So after a while i am curious:

Has there been anny progress made Fibaro?

Annything your tech team mentioned during meeting this was brought up at that would prevent or complicate implementing this issue?

Can we - users/resellers/support team members do annything to help in developing/applying backup method into cloud/own device?

 

(i am very partial to solution where we'd save backup up into the cloud - the cloud is there backups are not that big and Fibaro woudl mostly retain controll. We'd allso be able to restore backup from damaged or inoperational device even if said device would not be able to work.)

Link to post
Share on other sites
43 minutes ago, Kuba13 said:

the cloud is there backups are not that big and Fibaro woudl mostly retain controll. We'd allso be able to restore backup from damaged or inoperational device even if said device would not be able to work.)

 

Why should Fibaro retain control over our backups? What's wrong about the users having control? :shock:

Let us decide where to store.I don't definitely want to store anything at Fibaro's without a proper explanation what are doing with it and how it is stored.

Fibaro has a really bad track record about what their are saying and what they are (not) doing.

Link to post
Share on other sites
25 minutes ago, Lambik said:

 

Why should Fibaro retain control over our backups? What's wrong about the users having control? :shock:

Let us decide where to store.I don't definitely want to store anything at Fibaro's without a proper explanation what are doing with it and how it is stored.

Fibaro has a really bad track record about what their are saying and what they are (not) doing.

I am getting sense from them that they are bit paranoid and would like to retain controll over as much of the system as they can. this is my way of offering them chance to keep holding on to that controll while letting users enjoy benefits of actually usefull backup.

 

Sadly there is no way that i can see you could connect HCL to USB and store data that way *sigh* . Shame i really prefer physicall device over cloud solutions.

Link to post
Share on other sites

definitely no backups in the cloud, if one wish to save them somewhere - so do it - but not by default cloud. External location, like "download backup button" is fine, the format can stay as is, encryption as well. As all backups checksums and names are stored in running database anyway, no reason to care that much about importing of manipulated backup (because steps to manipulate are the same, if coming from external or from internal stick). So please Fibaro, simply add export and import button (and zip them + crc check after import).

Link to post
Share on other sites

You're absolutely right @tinman.

I really don't get Fibaro's way of thinking and how they operate. It looks (and feels) they want to control everything.

That's the way they're communicating and it indicates that you underestimate (or worse, don't trust) your own users. It looks like they refuse to accept that a bought device is owned by the user, not the company that build it.

 

So, if they're not trusting me, how should I trust them?

Link to post
Share on other sites

Hello,

 

Dnia 2.12.2016 o 12:47, Lambik napisał:

Fibaro, as mentioned before (a lot!), it's all about freedom of choice. Let us decide what to use or not and us to decide to accept the consequences.

 

Sure, I partially and personally agree, but as a company we have to think about all users especially new users that start they journey with home automation. You are an experienced user so many aspects of the system are clear to you, but inexperienced users may not think through every step they take while using our system. In case of losing backup, guess who will be blamed? ;-)

 

Dnia 5.12.2016 o 12:13, Lambik napisał:

Why should Fibaro retain control over our backups? What's wrong about the users having control? :shock:

Let us decide where to store.I don't definitely want to store anything at Fibaro's without a proper explanation what are doing with it and how it is stored.

Fibaro has a really bad track record about what their are saying and what they are (not) doing.

@Lambik, please stop with all this conspiracy. We are all about safety and being able to assist when it's needed. Letting all users creating backups anywhere and restoring anything they want will create mayhem. And again, guess who will be blamed for this? ;-) We try to think ahead and foresee what a change may cause.

 

Kidding aside, I did not receive any information in which direction we are heading so I cannot share anything new with you. Discussions have started some time ago, but there are many projects that we are working on and we need to time them right with each other. We do not underestimate our users and we do trust them, but we want to make everything work and avoid creating a mess.

I am happy that the discussion is still live on the forum. I can assure you that your insights and suggestions are being passed to appropriate persons. :-)

Link to post
Share on other sites
1 hour ago, T.Konopka said:

Hello,

 

 

Sure, I partially and personally agree, but as a company we have to think about all users especially new users that start they journey with home automation. You are an experienced user so many aspects of the system are clear to you, but inexperienced users may not think through every step they take while using our system. In case of losing backup, guess who will be blamed? ;-)

 

@Lambik, please stop with all this conspiracy. We are all about safety and being able to assist when it's needed. Letting all users creating backups anywhere and restoring anything they want will create mayhem. And again, guess who will be blamed for this? ;-) We try to think ahead and foresee what a change may cause.

 

Kidding aside, I did not receive any information in which direction we are heading so I cannot share anything new with you. Discussions have started some time ago, but there are many projects that we are working on and we need to time them right with each other. We do not underestimate our users and we do trust them, but we want to make everything work and avoid creating a mess.

I am happy that the discussion is still live on the forum. I can assure you that your insights and suggestions are being passed to appropriate persons. :-)

First of all, a big thanks for your respond! This is highly appreciated. And I'm not kidding.

 

I really think this is what I meant by giving the the (forum) users some insight from your point of view and how you're operating. Of course, I probably disagree at many decisions Fibaro is making, but my point is: Communicate!

 

Maybe you can clarify some of the things what is really agitating me for a (long) time.

1 - Why there is no opt out for Google analytics? I saw in the Fibaro Android App an option can be made whether to send anonymous data to Fibaro for debugging. Why not implement something like that for the HC2 Webmin?

2 - If security is giving priority, why can we still login (in local LAN) unencrypted?

3 - Why isn't a button added, in the new beta configuration wizard,  'Skip this wizard (for advanced users only, activate at own risk)' ?

4 - Something similar as point 3, but then for exporting backups to your own harddrive/Nas?

5 - Why is the embedded HC2 debian Linux version not updated?

 

Please share your point of view, I won't blame you afterwards :mrgreen:

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...