Jump to content

Welcome to Smart Home Forum by FIBARO

Dear Guest,

 

as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.

 

As a member you can:

  •     Start new topics and reply to others
  •     Follow topics and users to get email updates
  •     Get your own profile page and make new friends
  •     Send personal messages
  •     ... and learn a lot about our system!

 

Regards,

Smart Home Forum by FIBARO Team


Encrypted Fibaro Quick Apps


jakub.jezek

Recommended Posts

Please, add encryption for the Quick App so the code will not be visible.

 

Some installers I spoke with would love to share their sollutions, but they do not want code to be visible. It is simmilar to Control4 where installers or driver developers protect their code.

 

How it should work.

  • There should be encrypt button which copies whole device as new device without possibility to decrypt new device.
  • Code would not be visible from Home Center API, from Edit QA or from text editor as QA codes can be modified from text editor such as Microsoft Visual Studio Code. In place of code there would be some rubbish that only HC will understand.
  • HC internally should decrypt these no matter if it was created on this HC or not.
  • Imported encrypted QA will not have code visible in QA editor and API.
  • Variables should not be encrypted as you would need to add device ID (advanced control for Z-Wave device) or add licence key if somebody would like to sell them for few bucks.
  • Like 4
Link to comment
Share on other sites

Hello Jakub, thank you for valuable feedback. Such requirement has already been observed and well noticed on FIBARO side. Not sure if I am proper person to discuss how this is going to be managed technically however the main goal is the same. 

  • Like 1
Link to comment
Share on other sites

  • Topic Author
  • Hi @M.Mróz,

     

    Thank you for your response. Result of this "encrpytion" should be that user should not see the code even before uploading such QA.

     

    Other system using similat thing is Control4. Software integrations are called drivers and if driver developer (either Control4 or 3rd party) does not want installer to get to the code, then driver is encrypted. Installer or distributors can change XML part of driver which is not encrypted, but the code itself is.

    • Like 1
    Link to comment
    Share on other sites

    Sure, absolutely...control4 and not only. ?  Great way to protect the code and incentivize community for good work. 

    • Like 1
    Link to comment
    Share on other sites

    Like Maciej said, we got plan for this. One will be that client will dont need download Quickapp and later upload to gate. Marketplace will be integrate with gateway and client will dont have option edit to to look in api to see code

    Link to comment
    Share on other sites

    @A.Socha Is there a forecast when this will be released?

     

    @A.Socha Can you also solve the moderating problem of the Marketplace itself? Without proper moderating of the Marketplace, technical solutions are worth nothing. 
     

     

     

     

    Edited by SmartHomeEddy
    Link to comment
    Share on other sites

    3 hours ago, A.Socha said:

    Like Maciej said, we got plan for this. One will be that client will dont need download Quickapp and later upload to gate. Marketplace will be integrate with gateway and client will dont have option edit to to look in api to see code

    so if internetconnection is gone the qa won't work?

    Link to comment
    Share on other sites

    no, why? That user will not upload manually quickapp dont mean HC, will not do this. (download and install in secure way)

    Link to comment
    Share on other sites

    Ah i read it wrong, ik thought that gateway is connected to marketplace and code is running overthere. my mistake.

    Link to comment
    Share on other sites

    @A.Socha

    I have in my public QAs autoupdate function from my server (to have better user experience - for main QA and also for child dev with user interface)

    Autoupdate should be also for encrypted QA (or to have APIs than I can create it in my QA code)

    Thanks

    Edited by petrkl12
    Link to comment
    Share on other sites

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    Reply to this topic...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×
    ×
    • Create New...