Any x10 security key flob will change the configured flob in HG.

[tuicemen]

Expected behavior

If a x10 security keyflob isn't configured in HG it shouldn't be able to change a configured ones state.

Actual behavior

Any X10 security key flob I've tested will change the state of the one configured in HG even thought the RF signals are different. This though minor (for me) is a security problem if the user is watching the status of the flob for something in HG.

Steps to reproduce the problem starting from a fresh install

1. add a security flob to HG
2. press the arm and disarm buttons to be sure the status updates correctly.
3. with another security key flob (which is not configured in HG) press the arm or disarm buttons and watch the status change of the one configured in HG.

Specifications

• Version: 1.2-stable.37
• Operating System: Raspbian stretch lite
• .Net/Mono runtime version: 5.4
• Hardware configuration: raspi zero W cm15

Additional configuration notes

I had noticed this in some other versions but not all I ran . Using a non configured Keyflob will not arm or disarm the HG security system it only changes the state of the configured keyflob.

[genemars]

can you please provide log of raw rf messages from both key fobs?

[tuicemen]

Log file from inside HG from today doesn't show Keyflob activity. I'll do a sudo mono HomeGenie.exe and report back

[tuicemen]

@genemars the first Keyflob seen (RawData 29 9B 94 06 F9 AF 00) is a arm & disarm from the none configured Flob. As you see it doesn't arm or disarm the HG security the second one (RawData 29 D3 DC 86 79 F7 00) does. However both change the status of the keyflob configured in HG HgLog.txt

[tuicemen]

It should be noted my HG security arms and disarms as I'm watching for RF from the second Keyflob using a script. If my script watched the keyflob status instead then any ones key flob would arm my HG security. Of coarse now to be truly secure with my HG security I now need a third flob (or reset this one) and redo my script.

[mralapete]

@genemars why are we even discussing X10 security panels and enhancements. @tuicemen has answered his own question in the post. These security panels are not secure.

I requested an enhancement for the GE Concord 4 range of security panels a while back. Maybe spending time on an assignment like that might make more practical and technical sense.

Over the last number of weeks I've finally migrated my home automation setup over to Home Assistant which does include an interface for the GE Concord 4 range of security panels. From what I'm hearing from other long established HG users they have also taken the same route.

Such a shame really. HG used to have a very vibrant and productive community and still does have plenty of potential but not while you're spending time making enhancements to a insecure security panel.

[tuicemen]

@mralapete, These panels are secure! And what I'm asking and reporting is not a issue with the X10 security panels nor is it an enhancement request. This is a issue with HG seeing a remote (not setup in HG) but treating it like one already configured. The remote not configured does not trigger any thing (even my X10 security console) other then change the status of a configured HG remote (module). Stop demanding a improvement be done over a bug fix.

This would be the same as my Zwave door lock status being changed from locked to unlocked by a different Zwave signal (other then the type of signal).

My statement about resetting my remote is due to the fact that the rawdata info was made public by me. That could be said for any security system.

[mralapete]

Anyone being serious about security wouldn’t even be discussing these X10 security panels but if @genemars wants to indulge you by all means.

One of a number of reasons why many serious home automation users are moving away from HG.

[tuicemen]

@mralapete, OMG, this issue is not about any particular Security Panel! Nor about @genemars indulging and playing favorites to anyone I simply reported a issue with a module I encountered, you decided to make it about a particular brand of security console. If the issue I reported is by HG design that is fine I'll close the issue, if it is unique to my HG setup I'll close the issue.

[mralapete]

Not at all. I'll leave you to discuss the matter of X10 security panels with Gene. I'm sure others from your X10 Forum may want to join in and may find it quite informative too.

[tuicemen]

For the third time this is not a discussion of any security panel! Forums are for discussions! This GitHub section is for reporting issues one may discover with HG or requesting improvements.

If you @mralapete feel this is an improvement request and not a bug fine. I don't be little or bash your improvement requests, I expect the same from you!

[mralapete]

@tuicemen I'll leave the last word with you so. As usual lol

[pjanits]

Just to be clear you can arm and disarm only by using the script. But the script sees both remote equally?

[tuicemen]

I can arm/disarm the HG security system Program with a script triggered by a x10 security flob arm/disarm signal (I use the RF code signal not the status signal ) HomeGenie sees both security flobs As it should However since I only have one configured the flob module status changes with either flobs button presses. My Script only sees the flob I have configured. This origially made me thing the Flob was broken as I wasn't paying attention to which one I was testing with, both are on my desk.

[tuicemen]

@genemars Just out of curiosity I tested these remotes on another HG server with the same results. Also HG will not allow me to add the other key flob as it thinks it is already installed. My DS7000 sees & will register each flob. I'm now just wondering if anyone is able to add a second security keyflob (KR10A) to HG?

[pjanits]

I can only add 1 KR32 to HG. I have not tried the scripts yet.

[tuicemen]

@pjanits Thanks at least that confirms one of the issues. When you press the arm button of the flob that isn't configured does the status of the one configured change to armed?

[pjanits]

No neither one changes to armed in HG. I am not running the scripts yet. I am still trying to figure out where the next step is in the program after it sees a remote.

[tuicemen]

I don't mean the HG security system I mean your configured KR32 module

[tuicemen]

This is what changes regardless of the flob I use.

[pjanits]

Yes

[pjanits]

I wonder if it relates to what the type is for a remote. HG defaults to sensor, but really isn't nor does it act like a sensor. None of the other choices really fit the remote.

[tuicemen]

It realy doesn't make sense to create a separate type for the Key flobs most users only use one or maybe two. Since HG realy does nothing with the RF signal other the change the state (unless you create a script) it kind of makes sense to add as a sensor. However every door/widow sensor is added separately and my front door sensor trip doesn't change the state of my back door sensor.

[yorlik-too]

Just as another confirmation, I just added a kr10 keyfob, verified it changes from disarm to armaway, then grabbed a second keyfob and tried it: it too triggered the module in HG. I verified it reports a different rf number too. I do have both of these keyfobs programmed into SC1200 and a DS7000 1 mile away at another location. I actually arm/disarm SC1200 security unit via HG with a SH624 security remote; HG sends its code to HAbridge which send the actual RF to the SC1200. Obviously all very secure with its 24 or 32bit (IIRC) security encription. Mike_k