Repeating and neighbors

[jtara92101]

We've had some discussion about security and neighbors.

 

But I haven't seen anything about repeating and neighbors.

 

For powerline communication, I think it is a non-issue, unless you share a meter with a neighbor. (Or only a breaker box?) This does happen - for example, some apartments come with electricity included. A friend of mine owns some apartment buildings up the street, and he gives one of the tenants free power because he wired some outdoor security lights onto that unit's meter.

 

But aside from those edge cases, i'm thinking primarily about RF.

 

How does an Insteon device "know" that it is dealing with your network or your neighbor's network? There's no obvious "network ID". But perhaps one is established the first time you link any devices?

 

It would seem problematic if a device is picking up a neighbor's transmissions and repeating them on your network. It would be unnecessary network traffic.

 

The reason I ask is that I've seen some evidence that devices that are not linked to anything do not participate in repeating. Is that true?

 

So, reset a device, wire it in, do not link to ISY or to any other device. Will it participate in repeating signals? (Either RF or powerline.)

[Teken]

Yes & No . . .

 

A (AP) Access Point (RE) Range Extender does not need to be linked to anything yet it will couple / bridge the Insteon network and relay the message to end devices.

[jtara92101]

But what about a dual-band (or even not dual-band, just powerline) device that is physically wired into your wiring, but is not linked to anything? 

 

Will it repeat?

 

It seems logical that they might just always repeat on powerline.

 

But RF would seem a problem.

 

I have circumstantial evidence that they do not repeat on powerline unless linked to something.

 

So, if you have, say, some Switchlincs that you are just using as dimmers, and haven't linked to anything, maybe you should link it to ISY at least so that it will help strengthen

the network.

 

I only have one working Access Point. The other one is dead, I guess I should get in there and replace some capacitors, eh?

 

I rely on dual-band devices to bridge my phases. In fact, normally I don't plug-in the AP, it is a big ugly box.

 

(BTW, those old big ugly boxes are made of some interesting plastic. The one that is dead is quite yellow. It was in an overhead kitchen cabinet hidden from the sun. Most plastics will yellow when exposed to the sun. But this one seems to have yellowed whilst HIDDEN from the sun - like alkyd paints. Or maybe it is just grease. )

 

Are the APs protocol-agnostic? Do I have to worry that because I have old APs they wouldn't repeat the newest Insteon protocol?

 

At least the RE is in a prettier, smaller box. Are there FUNCTIONAL differences between the older AP and the newer RE?

[mwester]

There is NO security at ALL in the Insteon protocol.  The real question isn't so much if they'll repeat the signal if linked or not -- rather it is if there's anything preventing you from controlling or managing your neighbor's Insteon devices.

 

The answer is no, there's nothing at all preventing you from adding your neighbors Alert unit, for example, to your ISY or Hub, and waking him/her up in the middle of the night.  All you need is the Insteon device ID for that unit.

 

"Ah, but the likelihood that you would know that ID is near zero," says Unnamed-Forum-Member-who-will-post-on-this-thread-shortly, "so therefore the security is just fine, and the alert unit isn't loud enough to wake me up anyway, so this is all a non-issue, and you should just ignore the entire issue of security as it relates to the Insteon protocol!"

 

The above argument, along with the argument "I don't have anything worth stealing", and "I don't care if anyone starts flashing my lights", is the most common one offered as a rebuttal to Insteon's lack of security.  While it's certainly true that my neighbor may not know my device IDs, and it may even be true that an unmodified hub or plm won't show me that traffic, this entire argument falls into the fallacious "Security by Obscurity" technique.  That's been widely rejected as a valid security technique across the industry - ignorance is a temporary and easily-rectified problem.  The second-most-common argument, noted above, actually may be valid for some small set of users.  By analogy, a homeless person has no need of a door lock.  I'd argue that only a very few of the folks on this forum fall into that category; most of those who post here have interesting devices on their network whose abuse would cause at least great irritation, and for some, actual damage.

 

So, Insteon security IS a concern, and very particularly for those who live in apartment and condos.  But it should be noted that the power-line signal is not actually stopped by a meter -- it's stopped at the transformer.  So everyone who shares a transformer may be easily able to see each other's signals.  As you noted, RF doesn't care about the wires.  Ironically, it's actually better-protected in the really, really OLD apartment buildings and condos, where the walls tend to have actual masonry firewalls (yep, that's the origin of the networking term "firewall"), and may even be made of plaster.  Today's modern construction, something my wife describes aptly as "cardboard construction" tends not to bother RF as much, particularly at the lower RF frequency used by the Insteon protocol (900 MHz vs 2.4 GHz for WiFi).

 

I keep waiting for the logical next big announcement from SmartHome/SmartLabs, which would be Insteon V3 -- if they don't add encryption and default to a more secure means of enrollment into your network, they're going to fail.  It's not if, it's just when.

[jtara92101]

Security is a different issue. My concern here was network traffic. And, really, in particular, (OPPOSITE problem!) whether a device that is not linked acts as a repeater, as I have been having many communication woes. 

 

I have some devices installed in multi boxes for "future use". To be sure, now, I am making sure to link them to ISY.

 

Every wall in my building is a mystery! There are layers upon layers upon layers. Every time I drill into a wall, I have to observe the color of what comes out.

 

Drywall, plaster, drywall over plaster. Drywall over plaster over hollow terra-cotta brick. Drywall over plaster over hollow terra-cotta brick over reinforced concrete. Throw in some styrofoam (allegedly, according to the painters working on the outside of the building) and a kitchenette buried behind a wall in my bedroom. Now, run all the permutations...

 

I occasionally hear the slap of the elevator cables. Once I have heard furniture being moved upstairs. Once I have heard workers next door doing renovations, I think their laundry room cut's in between my master bath and walk-in closet. And that's it.  Ceilings are 9 feet, but real ceiling is 11 feet (above the drywall), and I think floors are at least a foot thick.

 

Factoid: Bobby Kennedy made his last public appearance here. The next day, he went up to L.A...

 

[mwester]

Ah, ok -- repeating only, then.    All Insteon devices repeat all Insteon traffic; the link database is not referenced in the repeating of the signal -- RF or powerline.

[jtara92101]

^ So, some implications are:

 

1. Devices ought to be agnostic to the Insteon protocol version when they repeat, right? Or only for AP/RE? But this is in conflict with statements I have seen that if you have V1 devices repeating traffic to/from I2CS devices, the I2CS device(s) will fall-back to I1. That implies that repeating devices are cognizant of the protocol versions, and unable to repeat higher protocol versions. (Maybe only concerning I1 and I2CS?)

 

2.  Supposedly, many/most I2CS devices do not support peek/poke. This might explain why they can be difficult to link if you have I1 devices. IF having an I1 device repeat and you try to link and it falls-back to I1, it won't be possible to link. Maybe this is why I have better luck linking on a zip-cord plugged-in to same circuit as the PLM?

 

3. Your neighbor's Insteon traffic will be repeated on your Insteon network if they are close enough (both RF and powerline, if on same phase on same transformer) and so your network will see extra extraneous traffic. And vice-versa. The Phone Company phased out most party lines in the 1960s. Insteon hasn't gotten the message yet. (Get it, hasn't gotten the message, yuck, yuck...)

 

Yes, it is an INVITATION to hack, as well.

[mwester]

I'm aware that a V2 device can fall back to V1 if the target doesn't support it -- but I'm not aware that it can fall back if the relaying devices do not support V1.  There's nothing in the protocol that permits a relaying device (i.e. a device other than the target) to respond to the originator, so there's no way for a relaying device to indicate success or fail or "wrong version" or any other sort of message back to the originator.

 

Version information is not contained in the link database, nor does a device know what version any of the other devices nearby may be.  The message itself is sufficient to determine the message version -- a V2 device will faithfully repeat both V1 and V2 messages, but a V1 device will only repeat V1 messages.  This is why the older range extenders are such a bad idea; they will only repeat the shorter V1 messages and ignore the V2 messages, and thus can give a false idea of the network's connectivity if one only considers the V1 messages.

 

Basically, if you have V1 devices, you need to ensure that your mesh in your mesh network does not depend upon them -- if you do that, you'll be fine (easier said than done, though -- shame that the ISY doesn't have the cool network diagnostics that HouseLinc software had...).

[Dr Pepper]

So if Access Points and Dual Band Device repeat everything that they hear then if I have a wireless motion or keyfob I could use it a few houses away if I were to put an access point/dual band device in neighbors houses and they can communicate with each other. 

 

So If  I put a motion on my neighbors houses and someone approaches it I could turn on their lights and mine  (and vice versa) yet only have one ISY.  Since we have a lot of car break ins in the early morning hours (3am to 6 am) this could be a good deterent as we could light up several front yards if someone approaches any of the houses.  Not a perfect solution but I bet it would make someone thing twice if several houses outside lights come on at the same time.

 

So while there are drawbacks to the lack of security there are also probably a few advantages. 

[jtara92101]

So if Access Points and Dual Band Device repeat everything that they hear then if I have a wireless motion or keyfob I could use it a few houses away if I were to put an access point/dual band device in neighbors houses and they can communicate with each other. 

 

 

Probably not, because the maximum hop count is 3. That often doesn't make it from one end of my 900 sq ft condo to the other, so unlikely it would make it a few houses away!

 

a V2 device will faithfully repeat both V1 and V2 messages, but a V1 device will only repeat V1 messages.

 

 

Ahhhh! OK, now I finally get it! (Confirmation, please?) 

 

I think my network is improving now, I have nearly all the devices in that I want. I had flagged KPL v5.33 and SL v5.15 as "toxic to network" and went to all older and newer devices. Turns out now it seems only the KPL v5.33 is toxic. Now all my SLs are 5.15 and so I have more V2 devices. These are powerline only but they should help with the powerline network.

 

What about V2CS? As far as repeating, is any kind of V2 good enough?

 

I have a couple of quite new KPLs that are V2CS installed, they are fine. The KPL v5.33 was the first dual-band KPL. It's funky I think. Too bad, I have a bunch, in a bag labelled "flakey".

[Brian H]

V2? Are you thinking of the I2 and I2CS Insteon Protocol compared to the original I1 Protocol?

 

The only time I saw a V2 in a model number was when Insteon was first being sold.

When there where both the older X10 modules and the original Insteon modules. Smatthomes inflate wisdom. Same base name on both versions. Like a ApplianceLinc was an X10 and a ApplianceLinc V2 was an Insteon model.

[stusviews]

All Insteon device repeat any Insteon signal they hear. (An exception is the hard-wired phase-coupler which doesn't repeat at all.) Therein is the key. There's a limit distance even if the devices are within the same household. Power line signals can travel further that can RF due to the low power of the RF signal, but they do have a length limit (more than just distance matters).

 

Power line signals do not stop at the transformer. They actually can return on the opposite leg of the single-phase electric supply and to every home on that transformer. However, due to the distance and, maybe more so, anything else on the power line, the signal will be so weak that it can't be detected. That's the primary reason that the opposite legs (not phases, the supply is single-phase) need to be bridged which in most cases is adequately handled by RF signals (i.e., dual-band devices).

 

The particular signal being transmitted/repeated includes both the Insteon ID and the command. I2CS is purported to encode the Insteon ID. All Insteon devices since early 2012 use I2CS. In no way should this be interpreted to mean that Insteon is a secure network, but I2CS provides a bit less risk.

 

Edit: I'll be in San Diego for the WikiConference. How is the Italian food at Soleluna Cafe? What about parking?