How to test Insteon devices for ALL ON vulnerability?

[IndyMike]

21 hours ago, larryllix said:

IIRC, 'All On' was just another pre-installed Insteon scene code  in early Insteon devices, and this was just another Scene control that was being put out by a defective device. No RS-232 involved.
 

So much for the packet security checks Insteon claimed in their white papers.

BTW: RS-232 typically uses X-On and X-Off codes to do handshaking. The modem hardware signal lines were never defined to be dynamically operated.

@larryllix,  I will agree that a malfunctioning device can erroneously activate devices that it is LINKED to.  It cannot activate devices that are not linked.  Therefor it can't be the source of problems for people that have had every device in their home activate.

In that regard we should rename the problem to "All Linked devices ON/OFF".  For most people, the only device in their system that is linked to a large number of other devices is the PLM.  If you don't want a device to be activated by the "All Linked Devices command" don't link it to the PLM.

I've done this many times with my two PLM's.  The ISY and my primary PLM control my house.  I have a second Test PLM that I use for experimenting.  I can issue "all on" commands on the test PLM and it will not affect my home install because the devices are NOT LINKED to it.  Conversely, it will turn on all devices linked to it that have not had the "All On/Off" code removed.

The Insteon communications do use CRC to verify the data.  It's not computed the way the white paper claims, but it does exist.

 

[gdntx]

On 1/26/2024 at 12:51 PM, vbPhil said:

Seems like we need new firmware in the PLM to not issue that phantom All On. Is Insteon aware of this issue? I'm probably late to the party and all this has already been said.

Is the firmware in the PLM undateable?   I've searched and looked on Insteon's page and I don't find any instructions on how that is done.   I have a new PLM and EISY, so I shouldn't need to update, but just curious for sometime in the future to keep the system all tuned up and running well.

[Techman]

The PLM firmware cannot be updated by the end user.

From the UDI Wiki:

Random All On events are related to INSTEON commands being sent to the PLM from ISY and, on the other hand, one (or more) INSTEON devices sending events to the PLM at the same time and thus causing packet collision. RF/dual band devices increase the likelihood of this event since they send two packets for each signal.

The combination of the following technique will dramatically reduce the likelihood of All On events:

• You don't have any programs that use Control for a device and then send a Scene command to a scene which includes the same physical device. So different buttons from the same KPL are considered one device

• Don't Use a Control for a device which is already a Controller for some Scene and then have the program send other INSTEON commands to other devices/scenes. This basically causes two or more events arrive at the PLM at the same time

In addition, motion sensors with low battery, sometimes go crazy and start sending sequences of on/off every second or so. As such:

1. Check Tools | Log for sequences of motion sensor on/off every few seconds and in succession
2. If you do have those, change the motion sensor battery

[Brian H]

None of the Insteon modules including the PLM. Can be flashed by the end user. Old Smarthome did factory reprogram some like the update the SignaLinc RF to the Access points.

Modules I have do have a 5 pin firmware programming connector. Takes access to a programmer for the controller chip  and the source code. They never have released the code as far as I have ever experienced.

Most of the modules have a Line connection to the logic supply so you risk a nasty shock or worse! The PLM has two firmware connectors. As the PLM has a main controller and a second one for the RF controller.

Unless the present Insteon Co. Wanted to do a reprogramming maybe by a return, program, ship back to the customer. Probably for a fee. It most likely would not be possible.

[vbPhil]

1 hour ago, Techman said:

Random All On events are related to INSTEON commands being sent to the PLM from ISY and, on the other hand, one (or more) INSTEON devices sending events to the PLM at the same time and thus causing packet collision. RF/dual band devices increase the likelihood of this event since they send two packets for each signal.

Do you know if this phantom All On issue happens with Insteon’s controller or other’s when not using an ISY?

[Techman]

I'm not 100% sure, but it appears to be an issue with the PLM not the ISY.  I just took a look at the Insteon forum and didn't see any reference to an all on

Home - Insteon Discussion Community

[kzboray]

*** Insteon PLEASE FIX THIS!*** Devices ID'ed that still have ALL ON in FW
https://forum.insteon.com/forum/main-category/main-forum/118513-insteon-please-fix-this-devices-id-ed-that-still-have-all-on-in-fw

[sjenkins]

I gave your insteon forum post some love.

[larryllix]

10 hours ago, IndyMike said:

@larryllix,  I will agree that a malfunctioning device can erroneously activate devices that it is LINKED to.  It cannot activate devices that are not linked.  Therefor it can't be the source of problems for people that have had every device in their home activate.

In that regard we should rename the problem to "All Linked devices ON/OFF".  For most people, the only device in their system that is linked to a large number of other devices is the PLM.  If you don't want a device to be activated by the "All Linked Devices command" don't link it to the PLM.

I've done this many times with my two PLM's.  The ISY and my primary PLM control my house.  I have a second Test PLM that I use for experimenting.  I can issue "all on" commands on the test PLM and it will not affect my home install because the devices are NOT LINKED to it.  Conversely, it will turn on all devices linked to it that have not had the "All On/Off" code removed.

The Insteon communications do use CRC to verify the data.  It's not computed the way the white paper claims, but it does exist.

 

In that case  my OnOffLinc must have created it's own link. It was only ever linked to the PLM but it somehow turned on a group of Insteon devices to a preset scene set up by my ISY994.

I think the signal clash being interpreted as a valid command and repeated as an All On command disproves the usage of any decent CRC method.

[ELA]

Thankyou IndyMike for your efforts at documenting what devices ignore or respond to the All-On phenomenon.

Ref: https://forum.universal-devices.com/topic/41651-all-on-removed-in-what-firmware-version-of-switchlinc-dimmers/?do=findComment&comment=369748

Since that thread was closed for further input I am inputting here to add to the list.

I just received a new Lamplinc/Dimmer module #2457D   Hardware Rev 4.2 , Firmware Ver. 43 - date code 4722.

My older 2457D modules (Rev1.0, Ver. 3A) were degraded and causing their incandescent lamp load to blink periodically. This module was a replacement for that issue.

Before installing I bench tested this new unit for its response to Group FF commands ( simulated All-On).

I tested with both   02 62 00 00 FF CF 12 00    as well as     02 61 FF 11 00  group commands to group FF.

Unfortunately this new module responded, turning its load on, to either of these commands.

I was surprised as I had thought Insteon was removing the response to these commands in newer units?

[kzboray]

@ELA Unfortunately Insteon has not changed in their mindset about this potentially catastrophic problem. I posted detailed information about this on their forums. The posts were deleted without any acknowledgement. They basically buried their heads in the sand while signing la la la.

I guess Insteon figures if someone burns down their house due to an ALL ON event caused by a IOLinc attached to a relay controlling a gas line or some such they can't be sued because no one will know that they knew about the problem.

The solution for me was to remove all of the following devices and replace them with Shelly instead. Adding the 2457D you have identified.

• 2450 iolincs .41
• Micro dimmer 2442-222 .49
• Siren 2868-222 .46
• Micro Switch 2443-222 .48 and .49
• Lamplinc/Dimmer module #2457D   Hardware Rev 4.2 , Firmware Ver. 43 - date code 4722
  
  There is also the spread sheet @IndyMike created which is a great reference as well.
  
  

 

Edited February 2 by kzboray

[paulbates]

The insteon forum operates differently based on not showing a user posts that they've already seen. I just looked and your posts are all there now with details

 

Edited February 2 by paulbates

[kzboray]

Verified Insteon has indeed deleted my posts. It's not just a function of the forums.

Edited February 2 by kzboray

[kzboray]

@paulbates Just a quick update. I created a new account on Insteon forums to test your observation and found that my posts have indeed been deleted. They left just the first sentence of my post and deleted everything else along with all the follow up posts.

[Brian H]

7 hours ago, kzboray said:

Verified Insteon has indeed deleted my posts. It's not just a function of the forums.

I also saw the posts missing. Did not check back to see if the one line was still there.

[paulbates]

This is a screenshot was last night when I posted here, I wasn't able to upload a screenshot at the time. I was able to open the posts and see details. And their forum does stop showing you posts in the main view once you've read them... that is the case

<strikeout> But..... this morning I don't see the posts </strikeout>

*** See my next post, your posts are all still there, its just hard to navigate their forum software in some cases ***

 

Edited February 2 by paulbates

[paulbates]

I take back my last post, and stick by my first one.  I see all of your posts and all of the details there on the Insteon forum now. Their forum software is difficult to navigate older posts that you've read sometimes:

This first link is where you posted test details:

https://forum.insteon.com/forum/main-category/insteon-products/wire-in-devices/micro-modules/micro-on-off/118507-please-disable-all-on-in-fw-for-2443-222-modules

 

https://forum.insteon.com/forum/main-category/main-forum/118508-please-disable-the-all-on-in-fw-for-the-2443-222-micro-module-and-2450-iolinc

 

https://forum.insteon.com/forum/main-category/main-forum/118513-insteon-please-fix-this-devices-id-ed-that-still-have-all-on-in-fw

Edited February 2 by paulbates

[kzboray]

@paulbates Something weird going on with their forums then. Here is what a new user sees. Notice the user name I'm logged in as and this was just now this morning.

If new users can't see the posts then as far as I'm concerned, they have been deleted. Same with me logged in as the original poster. I can't edit or see the posts. Why you can see them I don't know. but there is some funny business going on for sure.

[paulbates]

@kzborayI used the recent posts banner on the right side of my browser session, which might be different for everyone, don't know. 

We can agree that there are anomalies and/or problems with the site, but not that your posts are actively being edited / deleted

[Techman]

@kzboray

You should probably send an email to Insteon support as they may not closely monitor their forum.  Some of the firmware mentioned in your posts has since been updated. There's no way to for the end user to retroactively flash the older firmware. The only option would be to replace the device.

support@insteon.com

 

 

 

 

Edited February 2 by Techman