Jump to content

Welcome to Smart Home Forum by FIBARO

Dear Guest,

 

as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.

 

As a member you can:

  •     Start new topics and reply to others
  •     Follow topics and users to get email updates
  •     Get your own profile page and make new friends
  •     Send personal messages
  •     ... and learn a lot about our system!

 

Regards,

Smart Home Forum by FIBARO Team


[Feature Request] - HC2 Backup modification


SmartStart

Recommended Posts

Hi @ll.

 

Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.

 

Since we rely more and more on the HC2 to manage our homes, a proper backup solution for the HC2 is needed urgently as well. No one can send HC2 away for days or weeks. There should be a way to fulfill security issues on one hand and user requirements on the other in one solution.

 

Maybe some Statement of Needs to start with:

- system should create a secured(/encrypted) backup of all

Please login or register to see this image.

/emoticons/default_icon_exclaim.gif" alt=":!:" />  HC 2 data (secured with internal Fibaro signature/key)

- user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

- backup file should be stored outside HC2

- user should be able to define place to store backup file (network, PC harddisk, USB stick)

- backup file should be restorable on new HC2 gateway <- most important!

         Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

         to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

         missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

 

Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

 

Hope you can consider this solution.

 

Thanks a lot.

 

And thanks a lot for optimizing this forum as well. Seems to me in the last days were a couple of very positive changes here! Please go on like this!

Please login or register to see this image.

/emoticons/default_icon_biggrin.gif" alt=":-D" />

 

Regards to all.

 

Link to comment
Share on other sites

  • 4 weeks later...
  • Topic Author
  • Just wanted to push that issue again.

    Do other users have ideas for the backup as well?

    We should put them all together here so that Fibaro get our feedback on Backup here.

    Still feel a bit 'uneasy' with the actual backup since I would have to start from scratch again (regarding device inclusions and IDs) when system would break.

    May LUA be with us ....

    Link to comment
    Share on other sites

    Fo HCL, there could be some possibilities, becouse HCL backup is not much backup if it cannot be transfered to another HCL by regular user (with admin account to HCL).

    Some Ideas:

    • Link Backup to home.fibaro.com account, if HCL is linked to home.fibaro.com account. And make possible to restore this backup in another HCL if it die.
    • Backup to user PC and possible restore to another HCL.
    Link to comment
    Share on other sites

    Hi @ll.

     

    Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.

     

    Since we rely more and more on the HC2 to manage our homes, a proper backup solution for the HC2 is needed urgently as well. No one can send HC2 away for days or weeks. There should be a way to fulfill security issues on one hand and user requirements on the other in one solution.

     

    Maybe some Statement of Needs to start with:

    - system should create a secured(/encrypted) backup of all

    Please login or register to see this image.

    /emoticons/default_icon_exclaim.gif" alt=":!:" />  HC 2 data (secured with internal Fibaro signature/key)

    - user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

    - backup file should be stored outside HC2

    - user should be able to define place to store backup file (network, PC harddisk, USB stick)

    - backup file should be restorable on new HC2 gateway <- most important!

             Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

             to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

             missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

     

    Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

     

    Hope you can consider this solution.

     

    Thanks a lot.

     

    And thanks a lot for optimizing this forum as well. Seems to me in the last days were a couple of very positive changes here! Please go on like this!

    Please login or register to see this image.

    /emoticons/default_icon_biggrin.gif" alt=":-D" />

     

    Regards to all.

     

     

    Just wanted to push that issue again.

    Do other users have ideas for the backup as well?

    We should put them all together here so that Fibaro get our feedback on Backup here.

    Still feel a bit 'uneasy' with the actual backup since I would have to start from scratch again (regarding device inclusions and IDs) when system would break.

    May LUA be with us ....

     

    i very much agree that for expediency and safety it is allways better to have HC units not bound to backup in anny way and just have them saved on external source OR even Fibaro cloud (incase HCL particullary, because i do not want to put too much preassure on Fibaro demanding it has a USB port Atop other outreageous demmands such as more memory in both ROM and RAM those i will not give up).

     

    Personaly i would think that binding recovery to specific unit is more troubble than it is worth. you should be able to access your backup via input of code and being connected to just anny HC2 (second aprt of code could be provided by Fibaro offcourse if they insist over the connection). From my perspective there is allready most of what is needed (patch from file could be load saved state and patch from file) just need it across all 2 units.

    Link to comment
    Share on other sites

    Hi @ll.

     

    Since there were some discussion going on in the FW 4.082 thread, I thought we should make that issue more prominent by a new topic.

     

    Since we rely more and more on the HC2 to manage our homes, a proper backup solution for the HC2 is needed urgently as well. No one can send HC2 away for days or weeks. There should be a way to fulfill security issues on one hand and user requirements on the other in one solution.

     

    Maybe some Statement of Needs to start with:

    - system should create a secured(/encrypted) backup of all

    Please login or register to see this image.

    /emoticons/default_icon_exclaim.gif" alt=":!:">  HC 2 data (secured with internal Fibaro signature/key)

    - user should be able to input a key phrase for securing backup file (key phrase AND Fibaro signature secure backup file)

    - backup file should be stored outside HC2

    - user should be able to define place to store backup file (network, PC harddisk, USB stick)

    - backup file should be restorable on new HC2 gateway <- most important!

             Fibaro could use signatures to secure backup file, new HC2 hardware have same signature inside so is able to read backup file from other hardware + user has to enter key phrase

             to make a certain backup file usable. By that mechanism I think we should be able to secure the backup file enough. File could not be used on different HW (Fibaro's internal key is

             missing) and cannot be used by any user on any HC2 (because initial user's key phrase is missing)

     

    Of course there is also the problem with Z-Wave security to be solved by which (if I got that right) all devices are bound to one gateway during inclusion. So a new HC2 HW would actually bring a new Z-Wave "key". But maybe we can have a function to read out Z-Wave key to input that one in a new HC2 hardware.

     

    Hope you can consider this solution.

     

    Thanks a lot.

     

    And thanks a lot for optimizing this forum as well. Seems to me in the last days were a couple of very positive changes here! Please go on like this!

    Please login or register to see this image.

    /emoticons/default_icon_biggrin.gif" alt=":-D">

     

    Regards to all.

     

    Hello,

     

    Thank you for sharing your suggestion and idea. However, your description concerns securing and managing the backup files more than the process of a backup.

     

    Your suggestion presents many processes/actions dependent on a single user - for example "a key phrase". What happens when a user forgets the key phrase? Going further, "a user should be able to define a place to store a backup file (network, PC harddisk, USB stick)" - access to a backup file will depend only on a user so support may not be able to help in many cases. This is just my insight.

     

    I will forward your ideas to our team for debate.

    Link to comment
    Share on other sites

  • Topic Author
  • Hello back.

    I am happy that we could start a discussion on that topic since it is an important one.

    Of course you have valid points with your thoughts.

    Maybe it would be possible to have some option like 'standard' and 'experienced' so that user have an option to choose.

    On the other hand I doubt that 'the convenience user without some IT experience' would choose HC2 as the system of choice because HC2 provides many options. Those are used by IT experienced users.

    Therefore I think it is OK to put responsibility towards the user in this case.

    Because what is the other option? HC2 and/or the recovery stick breaks. Then we have to send the whole system to you which means that the house is without controller. For any PC that might be an OK process but not for a system controlling a house including heat and alarm.

    Therefore I wish for more 'external' backup possibilities including the feature to use a backup made with one HC2 on a new one.

    Of course I am open for discussions and other views on this matter

    Please login or register to see this image.

    /emoticons/default_smile.png" alt=":)" srcset="https://forum.fibaro.com/uploads/emoticons/[email protected] 2x" width="20" height="20" />

    May LUA be with us .....

    Please login or register to see this image.

    /emoticons/default_smile.png" alt=":)" srcset="https://forum.fibaro.com/uploads/emoticons/[email protected] 2x" width="20" height="20" />

    Link to comment
    Share on other sites

    Hello,

     

    Thank you for sharing your suggestion and idea. However, your description concerns securing and managing the backup files more than the process of a backup.

     

    Your suggestion presents many processes/actions dependent on a single user - for example "a key phrase". What happens when a user forgets the key phrase? Going further, "a user should be able to define a place to store a backup file (network, PC harddisk, USB stick)" - access to a backup file will depend only on a user so support may not be able to help in many cases. This is just my insight.

     

    I will forward your ideas to our team for debate.

    yayy thanks for replying!

     

    Well yess users might forget their codes but that happens all the time in all sorts of system, if they forget than that is their problem. Allso as i mentioned the cloud or component of restoring where Fibaro would have an authentication say in this matter might be helpfull (in order to restore backup on new HC you'd have to be connected to internet and verify that you are owner of Fibaro account by being loged in). its bit clumsy solution but could be sortof helpfull if user forgets their backup password.

     

    Yes fibaro will not have pernament unlimited access to those backups. But you do nto need to have that much access to it do you? it is enough to have access to backup whenever it is needed for troubleshooting and or restoring. and at that point it would have been pluged in (incase of USB stick).I do not think i see problem you are seeing in this regard - HC2 woudl kep its default flashdrive and users would just coppy stable backup unto new one and boom problem delt with secondary backup incase something goes wrong on primary backup or unit itselve.

    Link to comment
    Share on other sites

    Why not link backup to home.fibaro.com account?

     

    Or possibility to create backup on a NAS or PC. There could be text window, where you put IP adress and path to exact folder and HC2/HCL, could save/load backups from there and user will have their backups in his devices.

     

    But i would preffer, if units could load backup from another unit. I do not know, if it would be even possible, becouse Gateway network ID should change accroding to network ID in backup.

    Link to comment
    Share on other sites

    • 3 months later...

    What ever type of backup procedure is implemented is OK as long it is possible to transfer backup to new HC without needing Fibaro engineers to participate. Fibaro, you must find a way to make migration of system from old to new HC doable by users alone. As I mention once before, if in some future you release new version of HC box current users must be able to replace old box with new one without effort.

    Link to comment
    Share on other sites

    • 2 weeks later...
    Quote

    Your suggestion presents many processes/actions dependent on a single user - for example "a key phrase". What happens when a user forgets the key phrase? Going further, "a user should be able to define a place to store a backup file (network, PC harddisk, USB stick)" - access to a backup file will depend only on a user so support may not be able to help in many cases. This is just my insight.

     

    Thank you all for keeping the discussion on another backup solution alive.

     

    For T.Konopka I can only say that any backup solution is better than none at all.


    My Recovery stick has been inoperable for over a year now and I have no backup solution at all!
    I would be VERY GRATEFUL to be able to backup an ordinary USB memory stick.


    I'm absolutely not afraid that someone would steal my unprotected backup.

    If I repair my Recovery stick for expensive money, then I would be more afraid that it will become broken again, than anyone would steal my backup!

     

    How do you Fiboro people think about backups? It is not my personal mail or documents in this backup. Just the light in my house!

    Edited by RH_Dreambox
    Link to comment
    Share on other sites

    Fibaro, as mentioned before (a lot!), it's all about freedom of choice. Let us decide what to use or not and us to decide to accept the consequences.

    Link to comment
    Share on other sites

    So after a while i am curious:

    Has there been anny progress made Fibaro?

    Annything your tech team mentioned during meeting this was brought up at that would prevent or complicate implementing this issue?

    Can we - users/resellers/support team members do annything to help in developing/applying backup method into cloud/own device?

     

    (i am very partial to solution where we'd save backup up into the cloud - the cloud is there backups are not that big and Fibaro woudl mostly retain controll. We'd allso be able to restore backup from damaged or inoperational device even if said device would not be able to work.)

    Link to comment
    Share on other sites

    43 minutes ago, Kuba13 said:

    the cloud is there backups are not that big and Fibaro woudl mostly retain controll. We'd allso be able to restore backup from damaged or inoperational device even if said device would not be able to work.)

     

    Why should Fibaro retain control over our backups? What's wrong about the users having control? :shock:

    Let us decide where to store.I don't definitely want to store anything at Fibaro's without a proper explanation what are doing with it and how it is stored.

    Fibaro has a really bad track record about what their are saying and what they are (not) doing.

    Link to comment
    Share on other sites

    25 minutes ago, Lambik said:

     

    Why should Fibaro retain control over our backups? What's wrong about the users having control? :shock:

    Let us decide where to store.I don't definitely want to store anything at Fibaro's without a proper explanation what are doing with it and how it is stored.

    Fibaro has a really bad track record about what their are saying and what they are (not) doing.

    I am getting sense from them that they are bit paranoid and would like to retain controll over as much of the system as they can. this is my way of offering them chance to keep holding on to that controll while letting users enjoy benefits of actually usefull backup.

     

    Sadly there is no way that i can see you could connect HCL to USB and store data that way *sigh* . Shame i really prefer physicall device over cloud solutions.

    Link to comment
    Share on other sites

    definitely no backups in the cloud, if one wish to save them somewhere - so do it - but not by default cloud. External location, like "download backup button" is fine, the format can stay as is, encryption as well. As all backups checksums and names are stored in running database anyway, no reason to care that much about importing of manipulated backup (because steps to manipulate are the same, if coming from external or from internal stick). So please Fibaro, simply add export and import button (and zip them + crc check after import).

    Link to comment
    Share on other sites

    You're absolutely right @tinman.

    I really don't get Fibaro's way of thinking and how they operate. It looks (and feels) they want to control everything.

    That's the way they're communicating and it indicates that you underestimate (or worse, don't trust) your own users. It looks like they refuse to accept that a bought device is owned by the user, not the company that build it.

     

    So, if they're not trusting me, how should I trust them?

    Link to comment
    Share on other sites

    Hello,

     

    Dnia 2.12.2016 o 12:47, Lambik napisał:

    Fibaro, as mentioned before (a lot!), it's all about freedom of choice. Let us decide what to use or not and us to decide to accept the consequences.

     

    Sure, I partially and personally agree, but as a company we have to think about all users especially new users that start they journey with home automation. You are an experienced user so many aspects of the system are clear to you, but inexperienced users may not think through every step they take while using our system. In case of losing backup, guess who will be blamed? ;-)

     

    Dnia 5.12.2016 o 12:13, Lambik napisał:

    Why should Fibaro retain control over our backups? What's wrong about the users having control? :shock:

    Let us decide where to store.I don't definitely want to store anything at Fibaro's without a proper explanation what are doing with it and how it is stored.

    Fibaro has a really bad track record about what their are saying and what they are (not) doing.

    @Lambik, please stop with all this conspiracy. We are all about safety and being able to assist when it's needed. Letting all users creating backups anywhere and restoring anything they want will create mayhem. And again, guess who will be blamed for this? ;-) We try to think ahead and foresee what a change may cause.

     

    Kidding aside, I did not receive any information in which direction we are heading so I cannot share anything new with you. Discussions have started some time ago, but there are many projects that we are working on and we need to time them right with each other. We do not underestimate our users and we do trust them, but we want to make everything work and avoid creating a mess.

    I am happy that the discussion is still live on the forum. I can assure you that your insights and suggestions are being passed to appropriate persons. :-)

    Link to comment
    Share on other sites

    1 hour ago, T.Konopka said:

    Hello,

     

     

    Sure, I partially and personally agree, but as a company we have to think about all users especially new users that start they journey with home automation. You are an experienced user so many aspects of the system are clear to you, but inexperienced users may not think through every step they take while using our system. In case of losing backup, guess who will be blamed? ;-)

     

    @Lambik, please stop with all this conspiracy. We are all about safety and being able to assist when it's needed. Letting all users creating backups anywhere and restoring anything they want will create mayhem. And again, guess who will be blamed for this? ;-) We try to think ahead and foresee what a change may cause.

     

    Kidding aside, I did not receive any information in which direction we are heading so I cannot share anything new with you. Discussions have started some time ago, but there are many projects that we are working on and we need to time them right with each other. We do not underestimate our users and we do trust them, but we want to make everything work and avoid creating a mess.

    I am happy that the discussion is still live on the forum. I can assure you that your insights and suggestions are being passed to appropriate persons. :-)

    First of all, a big thanks for your respond! This is highly appreciated. And I'm not kidding.

     

    I really think this is what I meant by giving the the (forum) users some insight from your point of view and how you're operating. Of course, I probably disagree at many decisions Fibaro is making, but my point is: Communicate!

     

    Maybe you can clarify some of the things what is really agitating me for a (long) time.

    1 - Why there is no opt out for Google analytics? I saw in the Fibaro Android App an option can be made whether to send anonymous data to Fibaro for debugging. Why not implement something like that for the HC2 Webmin?

    2 - If security is giving priority, why can we still login (in local LAN) unencrypted?

    3 - Why isn't a button added, in the new beta configuration wizard,  'Skip this wizard (for advanced users only, activate at own risk)' ?

    4 - Something similar as point 3, but then for exporting backups to your own harddrive/Nas?

    5 - Why is the embedded HC2 debian Linux version not updated?

     

    Please share your point of view, I won't blame you afterwards :mrgreen:

    Link to comment
    Share on other sites

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    Reply to this topic...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×
    ×
    • Create New...