Get events from Arrowhead alarms

Forums › Gadgets, robotics, home automation, electronics (including wearables) › Get events from Arrowhead alarms

t0ny

414 posts

Ultimate Geek
+1 received by user: 84

Lifetime subscriber

#198055 24-Jun-2016 08:03

Hi, i have an arrowhead alarm which is connected to my network so i can set the alarms on/off etc. via my smartphone. I would like my home automation server to get these events so i can do bit more e.g notify if the alarm is turned on when i get near the house etc. Packet captures from the smart phone app shows that it does a GET to http://m.aap.co.nz:8080/user/getpanels while passing the phone number and device id as inputs. Unfortunatly the data returned is just of characters e.g 17A21F1C9E044A5FAB1C2410.... so i cannot make sense of it.

Has anyone tried this approach or am i better off hooking up something directly to the alarm panel to pick up events. Arrowhead are not interested in sharing any API details.

1 | 2

414 posts

Ultimate Geek
+1 received by user: 84

Lifetime subscriber

#1579344 24-Jun-2016 08:08

The other approach i was thinking is to set up the IP module to pass data using CID reporting

jamesrt

1663 posts

Uber Geek
+1 received by user: 941

ID Verified

Trusted

Lifetime subscriber

#1579367 24-Jun-2016 08:52

t0ny: Arrowhead are not interested in sharing any API details.

Slightly off-topic reply, but considering the API includes the ability to remote disarm, that's probably not unreasonable.

And with respect to your wanting to check alarm status when approaching the house, you know their app shows that, right?

t0ny

414 posts

Ultimate Geek
+1 received by user: 84

Lifetime subscriber

#1579376 24-Jun-2016 09:03

Yeh..it shows it but i need to open the app to see that. A simple pushbullet notification is all i need to tell me alarm is on

jamesrt

1663 posts

Uber Geek
+1 received by user: 941

ID Verified

Trusted

Lifetime subscriber

#1579398 24-Jun-2016 09:48

t0ny: Yeh..it shows it but i need to open the app to see that. A simple pushbullet notification is all i need to tell me alarm is on

I agree opening the app is a pain; I wonder if Arrowhead have plans for updating / improving the app; the ability to have an option to display an icon on the status-bar (up by the clock) if the alarm is activated would be really useful.

I think I had an email address for one of their techs; perhaps I should go and look...

richms

29098 posts

Uber Geek
+1 received by user: 10208

Trusted

Lifetime subscriber

#1579415 24-Jun-2016 10:02

So an alarm is posting data and getting responses from a server over http? Guess thats another one for internet of s..t.

Richard rich.ms

t0ny

414 posts

Ultimate Geek
+1 received by user: 84

Lifetime subscriber

#1579422 24-Jun-2016 10:09

security is probably not one of their strong points :)

Samsung

Shop now on Samsung phones, tablets, TVs and more (affiliate link).

michaelmurfy

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#1579469 24-Jun-2016 12:05

People think I am nuts for not allowing embedded devices access to the internet... And this is a good example as to why.

Alarm, chatting over HTTP (not HTTPS with certificate checking) with the ability to remote-disarm... Honestly. It wouldn't take much to work it out. I would suggest capturing everything over a long period of time and looking for patterns however looking at it from here it appears it may well be a salted hash.

It would be interesting to fire up a local server and replay events to it (eg - disarm / arm) to see if the alarm panel accepts it.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

t0ny

414 posts

Ultimate Geek
+1 received by user: 84

Lifetime subscriber

#1579486 24-Jun-2016 12:39

Doesnt look like a hash. I ran the string against https://md5hashing.net/hash and it found no match.

t0ny

414 posts

Ultimate Geek
+1 received by user: 84

Lifetime subscriber

#1579959 25-Jun-2016 09:59

Some hours later and basically, the data sent back and forth is encrypted. The data are mqtt messages which are converted to hex and a light encryption scheme is used to scramble the info before sending it the server.

paulobrien

2 posts

Wannabe Geek

#1580503 26-Jun-2016 14:07

ive had a play around with these alarms over the years and installed probably 15-20 of them..

i have the IP module as well.. and would interested in anywhere you get with comms to the IP module

i also have a serial module (around $50ish from memory) and wrote some c# a couple of years ago to emulate the keypad and get some basic event handling when zones triggered, alarm triggered etc

was thinking if AAP wont release API, maybe a NodeMCU (ESP8266) or Arduino connected to the AAP Serial interface board with some code on it to create a bridge?

phrozenpenguin

868 posts

Ultimate Geek
+1 received by user: 90

#1802522 17-Jun-2017 10:49

Awakening an older thread but keen to understand if anyone has progressed things here? I've got an Arrowhead alarm and am exploring what I could do in terms of logging/controlling etc. I have seen the serial module, but haven't used a serial interface for a long while. Is that still the best thing to consider? Anyone doing anything else smart e.g. interfacing with openHAB, doing serial over ethernet or ?

Lego

Shop now for Lego sets and other gifts (affiliate link).

danfaulknor

974 posts

Ultimate Geek
+1 received by user: 533

Trusted

Prodigi

Subscriber

#1802523 17-Jun-2017 10:52

I have the serial module. It's a very very simple protocol. I haven't quite gotten around to it yet but my plan was to write something to present an API on my local network. I don't think it would take much effort at all

they/them

Prodigi - Optimised IT Solutions
WebOps/DevOps, Managed IT, Hosting and Internet/WAN.

phrozenpenguin

868 posts

Ultimate Geek
+1 received by user: 90

#1802526 17-Jun-2017 10:57

Do you have the serial module directly connected to a computer / Raspberry Pi - or are you using a serial-network converter?

danfaulknor

974 posts

Ultimate Geek
+1 received by user: 533

Trusted

Prodigi

Subscriber

#1802527 17-Jun-2017 10:59

It's connected to a RaspberryPi on a separate VLAN, given that it has the ability to arm and disarm the alarm, it needs to be secure

they/them

Prodigi - Optimised IT Solutions
WebOps/DevOps, Managed IT, Hosting and Internet/WAN.

mattrix

193 posts

Master Geek
+1 received by user: 39
Inactive user

#1802538 17-Jun-2017 11:36

A D1 Mini could easily read / write to serial and connect to your WiFi and has a MQTT library.

But yes, you would need to think about security.
But that's the fun part!

I'd use a separate WiFi network for all smart nodes in home.
Then have it hard-wired (ethernet) to main network via a master node (Raspberry Pi).
This master node is also running the MQTT broker.
This smart home WiFi uses a very long random password - with all the trimmings (it's stored in the devices so no need for typing it in)
and also MAC authentication (smart device MAC addresses are allowed - any other device is not).

Also have a saved "secret key" (SALT) on sender and receiver.
Each message payload is hashed with this key and sent a long with the data.
The receiver then get's the data, hashes it with the same SALT and compares the hashes.
If they don't match - ignore.

1 | 2