tmorse305 Posted August 14, 2019 Posted August 14, 2019 I bought WiFi plug recently (only $5!) to try interfacing to my ISY via a variable and Alexa. I was able to do that although the Alex response to the variable change is so slow that I don't think it's a practical solution. My question is about the configuration of the plug. How does the plug get my home WiFi credentials? Here are the steps: iOS platform Download the app on the phone Create an account Plug the device in and hold power button for 5 seconds to put it the mode that allows it to be seen by the app Select the device type on the app (plug) Enter WiFi SSID and password into the app Press connect Moments later, done, device is now connected The blue tooth is disabled on my phone, all WiFi networks available to the plug are password protected. My phone is connected to my home WiFi, not an AP coming from the plug. How is the plug getting my WiFi credentials???
lilyoyo1 Posted August 14, 2019 Posted August 14, 2019 You didn't give any information on what you've script purchased so no one can speak on your specific plug since we don't know what you bought. Most likely the app is automatically pulling your network information from your phone. The mfg would be able to confirm for you how it works
paulbates Posted August 14, 2019 Posted August 14, 2019 (edited) To follow up liliyoyo, its happening right here: Plug the device in and hold power button for 5 seconds to put it the mode that allows it to be seen by the app Select the device type on the app (plug) Enter WiFi SSID and password into the app Many appliances work this way, my Venstar remote sensors have the same technique. Pressing the power button resets it and it advertises a specific SSID for Wifi Direct. Its not in the list of steps, but you likely had to pick the device's SSID from a list of access points on your phone that include your home SSID. The app connects directly to the device, one time via WiFi Direct. When you enter your wifi SSID and password into the app, it programs it into the device. The device restarts and from that point it on it authenticates to your WiFi with the credentials you gave it. Anything connected to your LAN that has the API can talk to it It can see anything on your LAN Paul Edited August 14, 2019 by paulbates
tmorse305 Posted August 14, 2019 Author Posted August 14, 2019 1 hour ago, lilyoyo1 said: You didn't give any information on what you've script purchased so no one can speak on your specific plug since we don't know what you bought. Most likely the app is automatically pulling your network information from your phone. The mfg would be able to confirm for you how it works Yes, sorry it's a Coosa branded product from Amazon. I've never heard of the brand, I chose it because it was the cheapest one out there. https://www.amazon.com/gp/product/B073RGKSCH/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1 I actually type the network information into the app so the app and their server have the info, the question is how does it get to the plug if there is no network connection to the plug to start with.
tmorse305 Posted August 14, 2019 Author Posted August 14, 2019 Thanks Paul, The steps you describe are what I'm familiar with with other devices. In this case however the plug is not generating a WiFi signal. I confirmed that using inSSIDer4 software on my PC. My phone stays connected to my WiFi during the connection process. I'm baffled how the information is getting from the app to the plug. I thought it might be Bluetooth from the phone so I shut that off and it still connects.
larryllix Posted August 15, 2019 Posted August 15, 2019 (edited) 21 hours ago, tmorse305 said: Yes, sorry it's a Coosa branded product from Amazon. I've never heard of the brand, I chose it because it was the cheapest one out there. https://www.amazon.com/gp/product/B073RGKSCH/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1 I actually type the network information into the app so the app and their server have the info, the question is how does it get to the plug if there is no network connection to the plug to start with. I use many WiFi RGBWW bulbs/RGBWW LED strips and a few other WiFi devices. This is how the process works. When the WiFi device is factory reset it creates it's own SSID, usually with a prefix to identify itself like LEDENET12345678. The app knows to look for that SSID from the device and automatically connects your mobile device to it. In the past apps, you had to select that SSID on your app device (mobile phone) manually. Now when you enter the SSID and password, you are installing that security into the bulb/device. IT reboots and connects to your LAN The device or bulb's SSID disappears and your app device (mobile) reconnects back to it's usual LAN connection (SSID) Now your app and bulb are on the same network. Factory reset the receptacle and you should see a foreign SSID again. Edited August 15, 2019 by larryllix
tmorse305 Posted August 15, 2019 Author Posted August 15, 2019 9 hours ago, larryllix said: I use many WiFi RGBWW bulbs/RGBWW LED strips and a few other WiFi devices. This is how the process works. When the WiFi device is factory reset it creates it's own SSID, usually with a prefix to identify itself like LEDENET12345678. The app knows to look for that SSID from the device and automatically connects your mobile device to it. In the past apps, you had to select that SSID on your app device (mobile phone) manually. Now when you enter the SSID and password, you are installing that security into the bulb/device. IT reboots and connects to your LAN The device or bulb's SSID disappears and your app device (mobile) reconnects back to it's usual LAN connection (SSID) Now your app and bulb are on the same network. Factory reset the receptacle and you should see a foreign SSID again. Thanks larryllix for your reply, That might work on android but my understanding with iOS is that there is no way to change the SSID from an app. The app can only direct you to the WiFi setting page. When I factory restore the plug and monitor for new SSID's using inSSIDer4 software, no new SSIDs appear. This software reports SSIDs that are hidden as well. When I look at the device from my FING box, the plug is present and FING indicates that it is in range but not connected to my network. It looks like any other device waiting to connect to the network. That's why I'm so baffled by this. I'm reluctant to keep this thing plugged in until I understand what it is doing. Could they be doing some kind of hack to get the information to the plug?
Bumbershoot Posted August 15, 2019 Posted August 15, 2019 21 minutes ago, tmorse305 said: Could they be doing some kind of hack to get the information to the plug? That would be a sketchy marketing scheme, and they'd deserve what they're going to get in the market (oblivion) if they're doing something like that. Then again, for $5.00, maybe so. If you're provoked and persistent, please let us know what you find. Maybe this is a legit deal?
larryllix Posted August 16, 2019 Posted August 16, 2019 (edited) 54 minutes ago, tmorse305 said: Thanks larryllix for your reply, That might work on android but my understanding with iOS is that there is no way to change the SSID from an app. The app can only direct you to the WiFi setting page. When I factory restore the plug and monitor for new SSID's using inSSIDer4 software, no new SSIDs appear. This software reports SSIDs that are hidden as well. When I look at the device from my FING box, the plug is present and FING indicates that it is in range but not connected to my network. It looks like any other device waiting to connect to the network. That's why I'm so baffled by this. I'm reluctant to keep this thing plugged in until I understand what it is doing. Could they be doing some kind of hack to get the information to the plug? Simply put, if you had to install your SSID and password for your WiFi and the receptacle connected to your WiFi then it was transmitted to the receptacle some how. Otherwise why would it demand security details? Ironic to state iOS cannot have an app control the SSID it connects to, and the receptacle could hack into your password under that same iOS. I doubt that is happening. A lot of effort and technology has gone into making these things not easily hackable. I would be sure iOS geofencing apps control thing a lot more than just WiFi connections. The manual that comes with my bulbs and RGBWW strip controllers reads the same method regardless of the O/S. OTOH those original instructions used the manual SSID change method where the user selects a temporary SSID network. The newer apps find the SSID automatically but for me that is only on Android. Maybe do the factory reset again and check your iOS device possibilities. Every other WiFi device, I have used, finds every other SSIDs within a block. I know you have to be within 50 feet of the bulbs when they grow their own SSID servers. I don't know how much grip Steve Jobs still has in your house. Does the receptacle not come with any instructions? Some of mine have a one page withonly the words "www.loadme.com", in the middle of the page. LOL Others came with four pictures marked 1,2,3,4. Edited August 16, 2019 by larryllix
paulbates Posted August 16, 2019 Posted August 16, 2019 23 minutes ago, Bumbershoot said: That would be a sketchy marketing scheme, and they'd deserve what they're going to get in the market (oblivion) if they're doing something like that. Then again, for $5.00, maybe so. If you're provoked and persistent, please let us know what you find. Maybe this is a legit deal? It’d be more like security cameras and ddos attacks a few years ago; a security model is not in the $5 product’s development budget. Some kind of OS is in there, what was involved in securing it?
lilyoyo1 Posted August 16, 2019 Posted August 16, 2019 If it matters that much to know how it works, the best place to go to is directly to the mfg. The only thing any of us can do is speculate on how it works. If trust is the issue, it's a 5 dollar plug. You get what you pay for
tmorse305 Posted August 17, 2019 Author Posted August 17, 2019 On 8/15/2019 at 8:12 PM, larryllix said: Simply put, if you had to install your SSID and password for your WiFi and the receptacle connected to your WiFi then it was transmitted to the receptacle some how. Otherwise why would it demand security details? Ironic to state iOS cannot have an app control the SSID it connects to, and the receptacle could hack into your password under that same iOS. I doubt that is happening. A lot of effort and technology has gone into making these things not easily hackable. I would be sure iOS geofencing apps control thing a lot more than just WiFi connections. The manual that comes with my bulbs and RGBWW strip controllers reads the same method regardless of the O/S. OTOH those original instructions used the manual SSID change method where the user selects a temporary SSID network. The newer apps find the SSID automatically but for me that is only on Android. Maybe do the factory reset again and check your iOS device possibilities. Every other WiFi device, I have used, finds every other SSIDs within a block. I know you have to be within 50 feet of the bulbs when they grow their own SSID servers. I don't know how much grip Steve Jobs still has in your house. Does the receptacle not come with any instructions? Some of mine have a one page withonly the words "www.loadme.com", in the middle of the page. LOL Others came with four pictures marked 1,2,3,4. I agree, the credentials are getting into it somehow, I just can't figure out how. There is a manual, it says "Open the Smart Life app, click +, and select "Electrical outlet", now your mobile phone is connected with your WiFi socket". And in fact it is! I dug around inside the app and came across an FAQ page. The device can be connected using 2 different modes. The default is EZ mode which I have described already. The other is AP mode which in fact generates an SSID that you must connect to in order the connect the device. This is the method that I think we're all familiar with. When I choose AP mode the app requires me to go the the iOS setting screen to switch the WiFi to the SSID coming from the plug. Then the connection is made in the usual way. So the question is how does EZ mode work? I have reached out to the vendor via Amazon to see how EZ mode actually works, waiting to see what they have to say. I'll share it if it's anything interesting. 1
tmorse305 Posted August 22, 2019 Author Posted August 22, 2019 (edited) I finally got an explanation from a different manufacturer (Tuya) as they also referred to EZ mode in their instructions. From Tuya: Smartconfig (EZ) distribution network mode: Smartconfig means that the mobile APP sends a UDP broadcast packet or a multicast packet containing the WIFI username WIFI password. The WIFI chip of the intelligent terminal can receive the UDP packet, as long as the UDP organization form is known, The WIFI username and password are decrypted by the received UDP packet, and then the WIFI username and password received by the intelligent hardware configuration are sent to the designated WIFI AP. Smartconfig is a TI proprietary provisioning technique. Once I knew the proper name, the internet is full of information as you would expect. From TI (see page 4): http://www.ti.com/lit/wp/swry011a/swry011a.pdf A very detailed explanation from a blog I found: http://depletionregion.blogspot.com/2013/10/cc3000-smart-config-transmitting-ssid.html In summary the SSID and the password are encoded in multiple packets, the encoding is done in the length of the packets. Who knew... Definitely not the most secure method. Edited August 22, 2019 by tmorse305
tmorse305 Posted August 26, 2019 Author Posted August 26, 2019 On 8/15/2019 at 7:50 PM, Bumbershoot said: That would be a sketchy marketing scheme, and they'd deserve what they're going to get in the market (oblivion) if they're doing something like that. Then again, for $5.00, maybe so. If you're provoked and persistent, please let us know what you find. Maybe this is a legit deal? Turns out it is a bit of a hack, although created by Texas Instruments. Don't know if you saw my explanation, see last post.
Recommended Posts