Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - mkbrown69

Pages: 1 2 [3] 4 5 ... 13
31
Developers / Re: New Template ISY994i uploaded
« on: December 08, 2013, 06:23:22 am »
Thom,

I've just committed a fix for Manufacturer ID.  It got switched to"Google" in the SQLCVS number shuffle, and was corrected to "Universal Devices".  Fix committed on Dec. 8 @ 0:18 EST via anonymous SQLCVS.

Thanks for the assistance!

/Mike

32
Developers / New Template ISY994i uploaded
« on: December 07, 2013, 04:32:01 am »
ISY994i Template Release notes

Initial checkin, Trac ticket #1999 committed Dec. 6, 2013 at 22:20 EST.  Would someone be able to review and approve it, please?  Edit: Forgot to mention, it's a SQLCVS anonymous commit...

Wiki Page for driver: http://wiki.linuxmce.org/index.php/ISY994i

Working Features:

Insteon/X10 Devices and Insteon Scenes
Automatic device creation in LMCE
Automatic creation of Insteon Scenes as dimmable child devices
Generates status update events to LMCE
Control of devices and scenes using orbiters

Future work/To-Do list:
- finish up device status, config routines and logic
- integrate orbiter alerts
- add more events support
- add more device support and verbosity
- Insteon Keypad support (basically implemented using related devices)
- relate ISY folders to LMCE rooms (and logic applied
- Integrate ISY WeatherBug module with 1204's WeatherPlugin

Thanks!

/Mike

33
Installation issues / Re: Problems intstalling to VirtualBox
« on: December 02, 2013, 01:23:02 am »
Specialstuff,

20G is probably too small.  I run mine with a 50Gb LV for root, and seperate LV's for /home and /var/log, and you can see what I'm using.  LMCE is virtualized using KVM, with LVM's passed through as block devices.  /var/lib/mysql is an LV from an SSD, and the large log directory is for centralized syslogging, and verbose logging for dev/debugging work.

Code: [Select]
Filesystem            Size  Used Avail Use% Mounted on
rootfs                 50G   36G   12G  76% /
none                  787M  316K  787M   1% /dev
/dev/disk/by-uuid/86982b08-7e50-blah
                       50G   36G   12G  76% /
/dev/vdc1              20G  1.8G   17G  10% /var/log
/dev/vde1             296G  2.9G  278G   2% /home
/dev/vdb1              12G  2.7G  8.6G  25% /var/lib/mysql

You have to remember, each MD is almost another install itself, averaging 2.5 G apiece.

Hope that helps!

/Mike

34
@Langston:  no problem!  My pleasure!

@Matt,

How it works will depend a bit on what you're using as a "client".  The wiki page I linked describes LMCE's VPN implementation, which uses IPSEC or a Layer 2 Tunnelling protocol (L2TP).  Those are pretty common, and there are clients in, or available for, most mobile devices and computers.  The solution I use implements IPSEC, and uses certificates for two-factor authentication (something you have, the certificate, and something you know, the password).  It works on my iDevices, and I can install the VPN profile quite easily.  When I want to access the house, I click the VPN setting on, enter my password, and then I'm in.  I can then launch RoamingOrb or whatever app to access internal services.  I could make it easier using iOS7's new VPN on demand features, but I'd have to create some Mobile Device Management (MDM) profiles; right now, it'd be too much work in order to be lazy ;)

VPN's have other nice features, depending on the product.  Most give you seperate address spaces, so you can route, filter, and firewall to your hearts content.  Most enterprise Wi-Fi implementations require a VPN connection over Wi-Fi in order to access corporate services.  There are other fancier features, but you get the idea...

HTH!

/Mike

DOH!  Link in other thread, now here for reference: http://wiki.linuxmce.org/index.php/VPN

35
Matt,

It's a good and valid question.  Simply, it's about limiting the attack vectors.  The more services you expose directly to the Internet, the greater the possibility that one of those services can be exploited.  This isn't specifically about LMCE, but a general security practice.  One or two doors are easier to secure than ten or twenty doors.

IT security is like layers on an onion; you have to keep peeling them away to get to the centre.  You want to make it hard enough that 'they' move on to easier pickings.

Your LMCE login page doesn't currently track login attempts, and I'm willing to bet most people won't be looking through their Apache access logs to see if someone is running a dictionary attack.  There are other web-based products like MythWeb and MediaTomb; how about them?

SSH is even riskier, especially if your password isn't strong or you're not using two-factor authentication (username, password, and a pre-shared key, token, or certificates).  That's the first attack vector most will try; I regularly see port-scans against border devices, which are going after the SSH port (among others).

Yes, there are ways to secure all those services and make them more resistant to attacks, but that does require advanced IT knowledge.  LMCE's about making media and home automation "easier".  While most that are perusing these forums are more technically inclined, LMCE's target audience is those less technically inclined, who wouldn't be able to implement those safeguards.  Hence, the VPN makes it easier and safer.

In the case of Orbitors, I'm not sure if the traffic is SSL/TLS encrypted.  So, if you were to expose those ports over the Internet, and were sending your alarm system PIN code * in the clear *, someone on the same network segment (like in the case of cable modems) could sniff that traffic, figure out what it meant, and then use a replay attack to disarm your system.  Using the VPN means all that traffic is encrypted in the VPN tunnel, between your core and the end-device (the phone running QOrbiter).

Hope that explains things!  IT security is a complex issue, so I tried to keep it simple...

/Mike

36
The use of a VPN would likely be both easier, and safer.

http://wiki.linuxmce.org/index.php/VPN

HTH!

/Mike

DISCLAIMER:  I don't use this particular configuration, but I'm pointing it out as it's built-in to LMCE. I run Sophos (formerly Astaro) UTM as a virtual machine, and use it to VPN into my house.  I use RoamingOrb on iDevices that way to access the core.  Same principles, different products.

37
Developers / Re: Need some design advice
« on: November 23, 2013, 04:35:07 am »
More progress and more questions...

I'm using event 765 (Set Device Relations) to establish the relationship between a Keypadlinc and it's buttons.  It works, and I'm able to show the buttons as related devices.  I'm wondering what the 'value' field in the schema is for?  I'm also wondering if I'm using this "related devices" correctly?  Basically, the buttons are physically part of the same switch, but are separate from the load, and seperate from each other.

I'm also curious about the difference between the Device Group and the "related devices" ;  the one notable difference I saw was that you can create "related devices" programmatically from GSD, but I don't see a way of doing it from GSD driver for Device Groups.

Thanks!

/Mike

38
will the update via terminal also update the security and bug fixes for the kde desktop?
Update/upgrade will update security and big fixes for installed packages.  It won't pull in new packages, which is why it'll say sometimes that certain packages won't be upgraded.  That usually happens when a new package is "required" by an updated package, and the "required" package is not currently installed.  To deal with that catch-22, you do a sudo apt-get dist-upgrade.

Some of your problems could be attributed to repository priorities in the package manager (apt/dpkg).  You (or LMCE) can decide that packages from one repository are more current/important/customized than packages from a standard repository.  That helps the package manager decide which one to use when it's faced with more than one choice for the same package (prefer stuff from here over stuff from there).

Hope that helps!

/Mike

39
Try commenting out the medibuntu.org entries in /etc/apt/sources.list, and  then do

sudo apt-get update && sudo apt-get upgrade

Medibuntu doesn't exist anymore.

Hope that helps!

/mike

40
Developers / Re: Need help!
« on: November 14, 2013, 01:30:49 am »
I'm not a DBA but I do a ton of SQL work. So much so that I pronounce it squeal.

Does it make you squeal with delight, or frustration?   ;)

/Mike

SELECT * FROM work.frustrations LIMIT 10;

Man I wish I could limit it to 10...

41
Developers / Re: Need some design advice
« on: November 07, 2013, 01:58:58 am »
Still plugging along...

Question to the experienced LME users and devs...  So, my driver starts up (after a boot or router reload), it connects to the ISY, retrieves managed devices from the ISY, and creates LMCE child devices for any ISY devices it finds that LMCE doesn't know about.  We can't use them yet, because they were just created, and the router needs to be reloaded...

Would it be considered "good behavior" if I programmatically trigger a router reload so that devices can be used, or is it preferred to just tell the user to do it, and let them decide when to reload?

Thanks!

/Mike

42
Developers / Re: Something interesting to watch
« on: October 28, 2013, 02:29:56 pm »
I ran MisterHouse in my home for over 6 years...  I cut-over to LMCE for most automation stuff just under a year ago, and still haven't quite replicated all the capabilities I had with MH on LMCE.  I'm currently writing drivers to address some of them, and then will look at some other stuff that's bugging me; I'm just hitting things in the priority of "pain points"...

Each of these OSS projects has their strengths and weaknesses.  And a little competition, even in Open Source, isn't a bad thing...  It helps drive innovation and creativity.  Being Open Source, it means that good ideas can be easily portable to more projects, if those ideas align with the goals of the projects.

My $0.05 CDN before HST...

/Mike

43
Developers / Re: Transmission torrent on LinuxMCE
« on: October 21, 2013, 04:11:28 pm »
Rob,

More than likely, your changes were committed only to the 12.04 or trunk branches, and not to the 10.04 (which you're probably running).  The wiki shows what changes were committed where...

http://wiki.linuxmce.org/index.php/LinuxMCE-1004_-_Changesets
http://wiki.linuxmce.org/index.php/LinuxMCE-1204_pre-alpha

I see listings of the transmission additions on the 1204 alpha page, but not on the 1004 changesets.

Hope that helps!

/Mike

44
Users / Re: problems with medibuntu?
« on: October 15, 2013, 03:20:43 pm »
The Medibuntu project has folded.  See here: https://help.ubuntu.com/community/Medibuntu

Medibuntu has now been shut down, the packagers were either obsolete, unnecessary or moved to the official Ubuntu archive.

A Libdvdcss package is now available direct from VideoLan http://www.videolan.org/developers/libdvdcss.html


We'll probably need to determine what packages were being obtained from the medibuntu repos, and then update the apt listings and/or the LMCE software package definitions.

HTH!

/Mike

45
Developers / Re: Need some design advice
« on: October 10, 2013, 01:35:50 am »
... and discuss his design decisions for the agecontrol, sorry, agocontrol gateway into LinuxMCE.

I'm guessing there's something behind the "slip", but I'm missing it...   ;)

Thanks for the pointer though... I have been watching AgoControl, as I think it has potential as a Home Automation sensor platform when running on a PI.  Just don't have the extra cycles right now... Doing the ISY driver, plus building LED DMX dimmers and fixtures plus some props with the kids for Halloween and Christmas.  I'll go bonkers if I pickup another hobby project.  ;-p

Thanks!

/Mike

Pages: 1 2 [3] 4 5 ... 13