Securing and stabilizing the Vera by taking it off the grid

Do not blame Sorin! He is a true patriot and had no hand in this.

He is the forum manager, who else could do that?

People higher in the organization.

I don’t think it was Sorin that banned him, so maybe best to give him the benefit of the doubt?

C

He’s currently blocked for 1000 years (roughly) I understand. For breaking forum rules

C

I think we as a community all must be told why he was banned. This way he cannot even defend himself. Does he even know himself why he is?

The reason has been stated. He broke forum rules…

C

How did he do that? What rule dit het broke with and where? (Trying to learn what no to say when being too honest)

Sorry chap. You’ll have to ask those that banned him. I am simply repeating the ‘corporate’ line…
C

But who banned him? Thats what I ask for few posts up.

I’m not prepared to answer that, chap. I have some ideas, but no facts. Draw your own conclusions

C

Click on the user id of a poster (or a reply with the @user in a gray bubble) and you should get a pop up of the user, showing their status. For @rafele77 you will see a banned duration until April 3020 and a reason of spam.

FYI - rafale77 is very active on the Home Assistant Community forum and his code is hosted on Github (Z-Way OpenLuup plugin, Vera-extroot) - all under his same handle.

@rafale77 started his own forum

Observation: the last commenter in this topic has been banned, as was the originator of the topic.

But on to the subject at hand… I have spent a couple of days doing my own work at separating one of my Veras from the mother ship. I’ve solved a few problems that rafale77 apparently had not. All remote access, remote provisioning, etc. have been stopped. I have confirmed over the last 24 hours that the only traffic that remains is Vera’s fetch of the current weather, which may not be worth the trouble to drill out (failure of the query has no effect on system stability), but I might do it anyway just because I’m ornery that way.

I have reduced the procedure to scripts, one to decouple, one to recouple (it’s entirely reversible almost instantly). I am still doing QA, particularly on the hardening aspects (e.g. making sure it reboots reliably and quickly with no delays, time is stable, longevity testing, etc.). If that continues to go well, I’ll publish the scripts later this week for the experimentation of the bravest of others. Since I don’t have a Secure, I’ll need a volunteer to work with on that platform, preferably someone fluent with WireShark or proficient enough with their own firewall to set up filter rules with logging for traffic tracing. PM me if you’re such a person.

I’m interested in testing this, when available.

I’ve removed the Alexa skill in favor of ha-bridge, so, apart the convenience of using the app, I’m ok to completely remove the cloud part from my system.

OK. Here it is. Tested on my Edge and Plus. All the usual caveats apply:

• The author is the worst tester. Although it works on my two systems, I still regard my validation as a single data point, and you know the value of one data point in extrapolating a conclusion.
• The process does things that are counter to the design of the system, and you assume all risks.
• Read the README completely before doing anything. Understand what you’re getting into.
• It is not tested on Secure, because I don’t have one.
• Forgot to mention: it’s undo-able without a factory reset.

Get it: GitHub - toggledbits/Vera-Decouple: Scripts to decouple Vera Home Automation Controllers from their parent cloud services

Please use the Issues section of the Github repository to ask questions or report issues. I will use this forum thread for infrequent announcements on this topic only. I believe there is a non-zero risk of any of us being banned for discussion in this thread (two already have fallen, as I noted earlier).

Other comments:

• CLARIFICATION: This decoupling process does not prevent your Vera from using any plugins or code that uses cloud services or other remote APIs, and these will continue to work. This process only removes the “invasive” Vera/eZLO cloud system-dependencies that seem to cause fragility in our systems, make unsolicited changes to them, etc. It is expected, for example, that Alexa, Google Home, Nest, etc. all continue to work on a decoupled Vera system.
• This is new work; it is not a respin or update of @rafale77’s prior efforts, although it will, of course, have much in common with it. I have been able to solve some problems he had not yet solved as of his untimely banishment from these forums. I have validated the extent of its decoupling and have not found any exceptions yet (although testing has been days, not weeks or months). But I believe it is now theoretically possible to have a stable Vera that runs without Internet access at all.
• The script provides some additional functionality, including local backup of system configuration daily, local backup of rotated logs, and local syslog feed of system messages.
• The script fixes Vera’s broken date/time handling on boot. It turns out that OpenWrt has an included, fairly workable approach that the Vera boot process corrupts. Vera’s application of its own broken default can result in erroneously triggered scenes and other automations where date-time is a trigger, and additional reboots/reloads when time is later slewed to correct.

I also have been able to create a stable build environment for OpenWrt and packages, and have so far successfully built updated versions of many much-needed packages, including LuaSec 0.9, OpenSSL 1.1.1h, and faster JSON parsers and other handy tools. When I get through a bit more testing, I will publish a repository with documentation.

Already tried on my Edge, with success. Small thing for the docs: remember to chmod 777 for the sh scripts.

That’s why I say run it via sh decouple.sh and not ./decouple.sh.

Many thanks! I have a Plus and as I have said before on different topics here, a Home Automation controller MUST have a lifetime measured in decades not months. Vera Control Ltd. has sent mixed messages out in the past - their new controllers (Atom & PlugHub) carry the Ezlo name while their older more powerful controllers carry the Vera name and they are in beta with an EzloPlus right now which presumably will replace the Vera-branded controllers. It is clear that once the EzloPlus has supplanted the VeraPlus, that controller will go by the wayside. However a home system can’t be just yanked out and replaced every 4 years because the manufacturer wants to put more money into their coffers! My VeraPlus and network of Zwave thermostats and switches in the house are all working with it - I MIGHT look at replacing it with an EzloPlus - in another decade, possibly. If it ain’t broke DON’T FIX IT!!!