Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
WebRIVA, domains, Security Certs
#11
(01-11-2018, 11:46 AM)Dean Roddey Wrote: WebRIVA would not have the same complexities for VPN that would otherwise exist for any of the regular CQC processes. No UDP packets or broadcasts are involved, it's just a single, persistent websocket (TCP/IP) connection. So it wouldn't require (presumably) require a doctorate in VPNology to get that one going.

Dean not sure what you are getting at here. If you have a VPN connection it's as if the device were on the home network. If I start up a VPN connection and then fire up TaRIVA on my Android device it still connects; I don't have to do anything different for that vs using WebRIVIA. The only VPNology is getting the VPN environment set up (server and clients) and the generation of keys for said server and clients.

As an aside WebRIVA is significantly faster than the old Android TaRIVA client.
Reply
#12
I was comparing that to folks wanting to set up parts of CQC running on separated systems, or even the regular IV. That involves having to deal with broadcasts and UDP, and name resolution issues, and such, which isn't easy with VPN.

The RIVA ones only use a single TCP/IP connection to the web server. Well, the old RIVA ones would also open some HTTP connections to get images. The WebRIVA uses just one single socket connection.
Dean Roddey
Software Geek Extraordinaire
Reply
#13
(01-11-2018, 03:38 PM)batwater Wrote: Maybe on an iPhone it would require a doctorate (now there's an irony) You forgot the close the browser tab step.

Seriously though I'm interested in what your use case is where your spouse (or children) need to interact with the automation system remotely? I'm presuming there is something that is coming up fairly often..?

BTW I just set Tasker up to start VPN, open a browse tab to CQC, wait set time (for testing 3 minutes) and then turn off VPN. Oh and that's a single click task icon on my home screen.  Only thing it doesn't do is close the browser tab. So for Android it doesn't require a doctorate (another irony me thinks  Undecided )

This iteration of my CQC IV is much more designed towards information.  Get a notification and open webiva to check cams, or make sure windows are closed if it starts raining and you’re away, or make sure you didnt leave the TV on, etc...  A not insignificant bit of this has come via recommendations from the wife.  Smile

Since it’s nearly all informational other than a few oft-used scenes, I don’t have many issues having it open.  

Now, if I could just finish making an actually designed interface all would be better.  Smile
do the needful ...
Hue | Sonos | Harmony | Elk M1G // Netatmo / Brultech
Reply
#14
(01-11-2018, 04:34 PM)jkmonroe Wrote: This iteration of my CQC IV is much more designed towards information.  Get a notification and open webiva to check cams, or make sure windows are closed if it starts raining and you’re away, or make sure you didnt leave the TV on, etc...  A not insignificant bit of this has come via recommendations from the wife.  Smile

Since it’s nearly all informational other than a few oft-used scenes, I don’t have many issues having it open.  

Ditto. Right now I will admit I have a fully text based screen but MAN is it a pita to maintain.

I'm contemplating having the not-at-home user only have access to an overlay screen which is just text, but have the in-network user use the main screen with overlay widget so it can also see other items.
------------------------------------
Devices I can't stand and wish I could replace: SmartThings, Hue, Concerto, VRUSB
My vlogs: https://www.youtube.com/c/IVBsHomeAutomation
Reply
#15
how much did you pay for your SSL? NoIP has a domain + SSL for $79/year. Just the DigiCert SSL is $175/year.
------------------------------------
Devices I can't stand and wish I could replace: SmartThings, Hue, Concerto, VRUSB
My vlogs: https://www.youtube.com/c/IVBsHomeAutomation
Reply
#16
Since I changed isp I've lost external access to my systems. My net connection is via 4G and I did not realise that they use NAT with their customers. I see comments here that tend to indicate that there are knowledgable people here that may be able to offer a suggestion on how to get around this so I can access my CQC from outside my network (and other systems like blue iris)
Mykel Koblenz
Illawarra Smart Home
Reply
#17
(01-11-2018, 10:42 PM)IVB Wrote: how much did you pay for your SSL?  NoIP has a domain + SSL for $79/year. Just the DigiCert SSL is $175/year.

Mine is like $29/yr from namecheap + $12/yr for domain through google.
do the needful ...
Hue | Sonos | Harmony | Elk M1G // Netatmo / Brultech
Reply
#18
(01-11-2018, 10:42 PM)IVB Wrote: how much did you pay for your SSL?  NoIP has a domain + SSL for $79/year. Just the DigiCert SSL is $175/year.

NoIP will be probably the cheapest and most convenient. The cheapest SSLs we have found at work are GoDaddy. My general rule is a cert is between $75 and 100 unless you are lucky and find something on sale. I think NoIP has a good deal because generally they are going to have more home users than large businesses. I dont have an SSL on my DDNS but I think I pay just under $40 a year for premium service at NoIP.
Robert
Reply
#19
Since we're on the subject ...

We all have to remember that we're not securing our banking information here, but the reasons remain the same. The ideas behind securing your site are:

(1) Validation (making sure you've not been domain hijacked, or in the midst of a MitM attack, etc..)

(2) Encryption (making it nearly impossible to sniff packets if you're on public wifi or the like)

In my opinion, for our use case here, there will be no value in having a seal, or having an insurance policy, or having EV, or needing to make sure that your paperwork is in order, or having access to the latest protocols, or needing immediate revocation, or having access to technical support. So with that in mind, know that the $9 cert will offer the same Validation and Encryption as the $179 cert. As long as you select a CA that has broad browser trust, you will be fine; period.

But, if those options mentioned are important to you then by all means get a more expensive cert. Just please don't think that it will offer any better validation or encryption than the cheaper options.
do the needful ...
Hue | Sonos | Harmony | Elk M1G // Netatmo / Brultech
Reply
#20
The biggie for #2 is that you are encrypting the login info. Without that, the login is in the clear.
Dean Roddey
Software Geek Extraordinaire
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  WebRiva iPhone X monetteboy 16 124 9 hours ago
Last Post: jkmonroe
  webriva template question lleo 21 623 01-08-2018, 08:53 AM
Last Post: Dean Roddey
  WebRIVA - Raspberry PI - View Only batwater 2 1,268 09-17-2017, 06:41 PM
Last Post: znelbok
  Security video with CQC bryanb 19 2,201 04-22-2016, 05:13 PM
Last Post: Dean Roddey
  Off topic security question rtarver 2 1,010 10-13-2014, 07:49 PM
Last Post: rtarver
  Error about Security Server George M 3 777 11-25-2012, 04:50 PM
Last Post: Dean Roddey
  Icons for Security Status? rbroders 0 1,195 07-16-2011, 10:24 PM
Last Post: rbroders
  Security Camera Images - How To? batwater 5 1,350 01-16-2010, 10:08 AM
Last Post: batwater
  Vista/XPSP2 Unknown Publisher Security Warning wuench 3 1,767 04-27-2009, 07:47 AM
Last Post: Bodshal
  Viewing security cam in CQC robolo 17 1,777 02-14-2009, 11:09 AM
Last Post: Brightan

Forum Jump:


Users browsing this thread: 1 Guest(s)