Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


t0ny

306 posts

Ultimate Geek

Lifetime subscriber

#198055 24-Jun-2016 08:03
Send private message

Hi, i have an arrowhead alarm which is connected to my network so i can set the alarms on/off etc. via my smartphone. I would like my home automation server to get these events so i can do bit more e.g notify if the alarm is turned on when i get near the house etc. Packet captures from the smart phone app shows that it does a GET to http://m.aap.co.nz:8080/user/getpanels while passing the phone number and device id as inputs. Unfortunatly the data returned is just of characters e.g 17A21F1C9E044A5FAB1C2410.... so i cannot make sense of it.

 

Has anyone tried this approach or am i better off hooking up something directly to the alarm panel to pick up events. Arrowhead are not interested in sharing any API details.


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
t0ny

306 posts

Ultimate Geek

Lifetime subscriber

  #1579344 24-Jun-2016 08:08
Send private message

The other approach i was thinking is to set up the IP module to pass data using CID reporting


jamesrt
1022 posts

Uber Geek

Trusted
Lifetime subscriber

  #1579367 24-Jun-2016 08:52
Send private message

t0ny: Arrowhead are not interested in sharing any API details.

 

Slightly off-topic reply, but considering the API includes the ability to remote disarm, that's probably not unreasonable.

 

And with respect to your wanting to check alarm status when approaching the house, you know their app shows that, right?


 
 
 
 


t0ny

306 posts

Ultimate Geek

Lifetime subscriber

  #1579376 24-Jun-2016 09:03
Send private message

Yeh..it shows it but i need to open the app to see that. A simple pushbullet notification is all i need to tell me alarm is on 


jamesrt
1022 posts

Uber Geek

Trusted
Lifetime subscriber

  #1579398 24-Jun-2016 09:48
Send private message

t0ny: Yeh..it shows it but i need to open the app to see that. A simple pushbullet notification is all i need to tell me alarm is on

 

I agree opening the app is a pain; I wonder if Arrowhead have plans for updating / improving the app; the ability to have an option to display an icon on the status-bar (up by the clock) if the alarm is activated would be really useful.

 

I think I had an email address for one of their techs; perhaps I should go and look...


richms
23646 posts

Uber Geek

Trusted
Subscriber

  #1579415 24-Jun-2016 10:02
Send private message

So an alarm is posting data and getting responses from a server over http? Guess thats another one for internet of s..t.





Richard rich.ms

t0ny

306 posts

Ultimate Geek

Lifetime subscriber

  #1579422 24-Jun-2016 10:09
Send private message

security is probably not one of their strong points :)

 

 

 


michaelmurfy
/dev/null
9619 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #1579469 24-Jun-2016 12:05
Send private message

People think I am nuts for not allowing embedded devices access to the internet... And this is a good example as to why.

 

Alarm, chatting over HTTP (not HTTPS with certificate checking) with the ability to remote-disarm... Honestly. It wouldn't take much to work it out. I would suggest capturing everything over a long period of time and looking for patterns however looking at it from here it appears it may well be a salted hash.

 

It would be interesting to fire up a local server and replay events to it (eg - disarm / arm) to see if the alarm panel accepts it.





 
 
 
 


t0ny

306 posts

Ultimate Geek

Lifetime subscriber

  #1579486 24-Jun-2016 12:39
Send private message

Doesnt look like a hash. I ran the string against https://md5hashing.net/hash and it found no match.


t0ny

306 posts

Ultimate Geek

Lifetime subscriber

  #1579959 25-Jun-2016 09:59
Send private message

Some hours later and basically, the data sent back and forth is encrypted. The data are mqtt messages which are converted to hex and a light encryption scheme is used to scramble the info before sending it the server.

paulobrien
2 posts

Wannabe Geek


  #1580503 26-Jun-2016 14:07
Send private message

ive had a play around with these alarms over the years and installed probably 15-20 of them..

 

i have the IP module as well.. and would interested in anywhere you get with comms to the IP module

 

i also have a serial module (around $50ish from memory) and wrote some c# a couple of years ago to emulate the keypad and get some basic event handling when zones triggered, alarm triggered etc

 

was thinking if AAP wont release API, maybe a NodeMCU (ESP8266) or Arduino connected to the AAP Serial interface board with some code on it to create a bridge?


phrozenpenguin
478 posts

Ultimate Geek


  #1802522 17-Jun-2017 10:49
Send private message

Awakening an older thread but keen to understand if anyone has progressed things here? I've got an Arrowhead alarm and am exploring what I could do in terms of logging/controlling etc. I have seen the serial module, but haven't used a serial interface for a long while. Is that still the best thing to consider? Anyone doing anything else smart e.g. interfacing with openHAB, doing serial over ethernet or ?


danielfaulknor
664 posts

Ultimate Geek

Trusted
Prodigi
Subscriber

  #1802523 17-Jun-2017 10:52
Send private message

I have the serial module. It's a very very simple protocol. I haven't quite gotten around to it yet but my plan was to write something to present an API on my local network. I don't think it would take much effort at all





Prodigi - Optimised IT Solutions
WebOps/DevOps, Managed IT, Hosting and Internet/WAN.


phrozenpenguin
478 posts

Ultimate Geek


  #1802526 17-Jun-2017 10:57
Send private message

Do you have the serial module directly connected to a computer / Raspberry Pi - or are you using a serial-network converter?


danielfaulknor
664 posts

Ultimate Geek

Trusted
Prodigi
Subscriber

  #1802527 17-Jun-2017 10:59
Send private message

It's connected to a RaspberryPi on a separate VLAN, given that it has the ability to arm and disarm the alarm, it needs to be secure





Prodigi - Optimised IT Solutions
WebOps/DevOps, Managed IT, Hosting and Internet/WAN.


mattrix
193 posts

Master Geek
Inactive user


  #1802538 17-Jun-2017 11:36
Send private message

A D1 Mini could easily read / write to serial and connect to your WiFi and has a MQTT library.

But yes, you would need to think about security.
But that's the fun part!

 

I'd use a separate WiFi network for all smart nodes in home.
Then have it hard-wired (ethernet) to main network via a master node (Raspberry Pi).
This master node is also running the MQTT broker.
This smart home WiFi uses a very long random password - with all the trimmings (it's stored in the devices so no need for typing it in)
  and also MAC authentication (smart device MAC addresses are allowed - any other device is not).

 

Also have a saved "secret key" (SALT) on sender and receiver.
Each message payload is hashed with this key and sent a long with the data.
The receiver then get's the data, hashes it with the same SALT and compares the hashes.
If they don't match - ignore.


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News »

Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS1621+ 
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32


NordVPN starts deploying colocated servers
Posted 7-Oct-2020 09:00


Google introduces Nest Wifi routers in New Zealand
Posted 7-Oct-2020 05:00


Orcon to bundle Google Nest Wifi router with new accounts
Posted 7-Oct-2020 05:00


Epay and Centrapay partner to create digital gift cards
Posted 2-Oct-2020 17:34


Inseego launches 5G MiFi M2000 mobile hotspot
Posted 2-Oct-2020 14:53









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.