Hi Sergey the HS200 HW is 5.26 and FW is 1.0.2 and it’s the only device at this HW and FW level and the only device giving me a problem. I have a bunch of HS200’s in the network that are HW 5.0 running FW 1.0.11 and there is no issue with them.I’m wondering if TPLink has disabled the local API in this FW release?ThanksChris
--
You received this message because you are subscribed to the Google Groups "MppDevices" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mppdevices+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/5acd34e4-9d3d-47c0-a58b-652c518fe29dn%40googlegroups.com.
Wait, what, someone was able to hack your HS100s? How, and what did they do with them?
If the hackers had access to your network it might be possible. Internal devices can’t expose ports outside your network, they can only make outgoing calls. Was it a man in the middle attack?
From: mppde...@googlegroups.com <mppde...@googlegroups.com> On Behalf Of sergey
Sent: Thursday, August 1, 2024 3:50 AM
To: MppDevices <mppde...@googlegroups.com>
Subject: Re: [MppDevices] Re: New TPLink not found by AM Server
Hi, I bet your old HS-200 are about 1.0 - 3.0 hardware version , so it's highly unlikely they will get update for new software... But anyway it's a good idea to block all these TPLInk's devices from internet due to their high hackers targeting , excessive gathering information about local network and etc... Unfortunately there is no official way to downgrade software..
And yeah - the TPLINK support was right - all these API is unofficial ..
As for me I stopped using all these "branded devices", moving on my own, after several of mine HS-100 where hacked with malware..
On Wednesday, July 31, 2024 at 8:43:21 PM UTC+3 ChrisM wrote:
I received the below response from TP-Link concerning my question on support for a local access wiping their hands of it.
I just wish there was an option to downgrade the TP-Link firmware. Anyway, I'd better block internet access for the TP-Link devices in my network that are working with AM Server just to prevent a FW upgrade. I wouldn't be surprised to see a Kasa App upgrade come along that automatically updates device firmware.
Chris
Yesterday
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/95209602-d0b5-4768-8cc3-96d9dffd184fn%40googlegroups.com.
Yeah, it’s definitely risky if your devices are physically accessible – any device (including matter) can be hijacked if they can be reset and the setup credentials are usually printed on them.
It might be possible to use matter or homekit devices safely on a shared or open network if they’re not physically accessible, but I’d want to be cautious. Anything else could probably be hacked if the hacker was motivated. I doubt it was a weak router connection, but if the router wasn’t properly protected they could gain access to the network (if it wasn’t done by someone in the community already on the network).
I’m not sure what you mean by “admin password”, are you talking about the security key TP Link would use for setup? There have been attacks that used a password through the on board serial port, they need to break open the device to do that. It might have made resets impossible. You’re certain it wasn’t a power surge that bricked them and perhaps welded the relays closed?
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/415999e8-ae39-4f73-a7bb-e6b4ce76cee0n%40googlegroups.com.
If it was karma/wifi it was someone local then, right? They couldn’t log into the linux box over wifi, so they must have updated the firmware - is that what you suspect? That’d be a lot of trouble as it’s protected by an encryption key – to what end? Just malicious?
The ones that wouldn’t reconnect – you mean they wouldn’t broadcast their AP?
Honestly it sounds more like corrupted flash to me… how would the guard notice a power surge? When it’s happened to me all I noticed was some of my electronics stopped working after a thunderstorm…
I’m asking because this would be the first real evidence of an OTA hack of an IoT device – every time I’ve pressed one of the z-wave or zigbee guys for evidence of a hack of a wifi device they wave their hands and point to published vulnerabilities that need physical access or old unprotected cameras that were open to the internet. I’m hoping we have some real evidence here. Even CRACK was overblown, it was never a real risk to home plugs, switches, or bulbs.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/f6671eeb-63ed-411c-aeeb-e74b0f5dcc49n%40googlegroups.com.
I get why hackers would go after cameras and routers, it was relatively easy to steal the feeds and for some reason appealing to them – those CPUs could do more too. Plugs have low RAM and slow CPUs. It’s a lot of work to take over and flash an alternate binary so I was skeptical and dismissive of the z-wave/zigbee folks claiming wifi plugs were being used for botnet DDOS attacks or bitcoin mining… Even the vulnerability reports that needed physical access were never actually completed - they stopped at proving it was possible.
I’ve yet to see a vulnerability report of an OTA flash, most are buffer overflow attacks done over serial. I do realize absence of evidence isn’t evidence of absence… so it’d be interesting to get solid proof to keep me from being dismissive to them 😊.
When the plug electronics fail the LEDs are often left solid on or off (the output pins feeding them staying in the default/reset state), same with relay pins – depends on the hardware. My house (or the power line) was hit by lightning once, no smoke or burning, just dead appliance boards.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/7db84218-72d7-4d94-b160-62f2b68372edn%40googlegroups.com.
So far firmware updates I’ve seen for kasa and tapo (I have some cameras) have all required to be initiated by me in the kasa or tapo app.
From: mppde...@googlegroups.com <mppde...@googlegroups.com> On Behalf Of ChrisM
Sent: Friday, August 2, 2024 8:52 AM
To: MppDevices <mppde...@googlegroups.com>
Subject: Re: [MppDevices] Re: New TPLink not found by AM Server
I'm using Eero mesh and these routers have a "pause" feature that blocks internet for a specific device or group of devices. So I put all of my TP Link devices in a group and paused them and quickly saw them go unreachable by AM server. Same for my Sonoff devices that I had flashed MPP FW. So I guess the feature blocks more than internet access. It seems to block local routing as well. This was an unexpected glitch in my plan to block them from an unplanned FW upgrade by their cloud master! Not sure what to do now other than delete the Kasa App.
On Thursday, August 1, 2024 at 3:49:59 AM UTC-4 serg.s...@gmail.com wrote:
Hi, I bet your old HS-200 are about 1.0 - 3.0 hardware version , so it's highly unlikely they will get update for new software... But anyway it's a good idea to block all these TPLInk's devices from internet due to their high hackers targeting , excessive gathering information about local network and etc... Unfortunately there is no official way to downgrade software..
And yeah - the TPLINK support was right - all these API is unofficial ..
As for me I stopped using all these "branded devices", moving on my own, after several of mine HS-100 where hacked with malware..
On Wednesday, July 31, 2024 at 8:43:21 PM UTC+3 ChrisM wrote:
I received the below response from TP-Link concerning my question on support for a local access wiping their hands of it.
I just wish there was an option to downgrade the TP-Link firmware. Anyway, I'd better block internet access for the TP-Link devices in my network that are working with AM Server just to prevent a FW upgrade. I wouldn't be surprised to see a Kasa App upgrade come along that automatically updates device firmware.
Chris
Yesterday
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/38fc1451-4d75-4db9-af2c-fd9f36d6451bn%40googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/080801dae4de%24411ca580%24c355f080%24%40gmail.com.
Yeah. I don’t sweat about data harvesting, but I do worry that a cloud vendor could get hacked or coerced by an unfriendly government to inject malicious behavior into their secure data stream to take over devices. The biggest risk for this is probably with phones and routers vs IoT and an awful lot of those are from offshore companies.
It’s my understanding that in normal operation it’s too risky to update firmware without permission due to lawsuits, e.g. a plug update turning off a cpap or similar.
The TPLink & Tapo devices can act a bit odd when they can’t reach the internet - the old ones won’t run time based rules, and some newer ones will reboot after a while to try to recover their cloud connection.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/7211338a-b0e5-4c93-b583-e877e58833cfn%40googlegroups.com.
The IP addresses of the devices does not change.
The IP addresses of the devices does not change.Right, I didn't mean that the IP is changing , I meant that the router takes all the device's MAC address from the group and restricted packets transmission whenever outside this group. Have you tried to include AM server that group too ? I wander if it help ?
--
You received this message because you are subscribed to the Google Groups "MppDevices" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mppdevices+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/8bf64c48-aebc-4e86-bf09-30b9e3889034n%40googlegroups.com.
The IP addresses of the devices does not change.Right, I didn't mean that the IP is changing , I meant that the router takes all the device's MAC address from the group and restricted packets transmission whenever outside this group. Have you tried to include AM server that group too ? I wander if it help ?
--
You received this message because you are subscribed to the Google Groups "MppDevices" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mppdevices+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/8bf64c48-aebc-4e86-bf09-30b9e3889034n%40googlegroups.com.
First attempt at supporting the new TP Link authenticated API is available in beta 17.4.0 (as soon as it’s approved by google).
The TP Link username and password (the tp link account you used in the app when you setup the device) is set in the app user preferences. There’s only one per WemoManager instance so they need to be the same for all devices you manage. They’re encrypted internally by AM when it saves them so you can’t see what AM is using. If they need to be updated you need to re-enter them.
I only have an HS200v5.2 so it’s the only one I can verify. I suspect all of the single switch/relay devices will function with this API, but bulbs, dimmers, and multi-devices will need additional work. If anyone has any they want to see if I can get working, discover them then send me the log – let me know which IP or device type to look at. There might be some back and forth with betas to get them going…
This *might* be the same API that’s used for Tapo devices – I don’t have one so I’m not sure – if anyone wants to give it a try let me know how it goes, and if it’s close to working (send me the log) I’ll see if I can get it sorted. If the API is completely different it’ll need to wait till I get one…
Any device that shows up broken you can mark “ignore” to get it out of the main path. If you use “forget” or it’ll probably be found by AM again.
--
You received this message because you are subscribed to the Google Groups "MppDevices" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mppdevices+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/004d01dae875%2483bc62f0%248b3528d0%24%40gmail.com.
I think that error code means the encryption is broken. My HS200 is still working but I see there’s a firmware update 1.0.3 for it which may be the new encryption algorithm. Mine’s working on 1.0.2, I’ll upgrade to see if it stops working, and if so I’ll see if I can get it sorted.
From: mppde...@googlegroups.com <mppde...@googlegroups.com> On Behalf Of ChrisM
Sent: Sunday, September 15, 2024 8:19 AM
To: MppDevices <mppde...@googlegroups.com>
Subject: Re: [MppDevices] Re: New TPLink not found by AM Server
From the log after doing manual TP Link search:
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/1d87ec27-18f3-4b76-a9dd-f24cf018f632n%40googlegroups.com.
Yep, I’m getting a 1003 on it now too.
Yep, I’m getting a 1003 on it now too.
--
You received this message because you are subscribed to the Google Groups "MppDevices" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mppdevices+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/00ba01db0795%2443d8ba00%24cb8a2e00%24%40gmail.com.
There is an “auto firmware upgrade” button in the tapo app, I have mine disabled.
From: Chris McGaffey <chris.m...@gmail.com>
Sent: Sunday, September 15, 2024 7:11 PM
To: trogli...@gmail.com
Cc: MppDevices <mppde...@googlegroups.com>
Subject: Re: [MppDevices] Re: New TPLink not found by AM Server
Thanks Mike. Mine is running 1.0.3 but it was 1.0.2 when I installed it. I didn’t upgrade it. Not sure how that happened.
Ok, AM beta 17.5.6 seems to be working with HS200v5 1.0.3 now, should be available from play within 24hrs or so. That was not fun :(, their security is really over the top now. If they do another version I'm not sure how enthusiastic I'll be about support it...
--
You received this message because you are subscribed to the Google Groups "MppDevices" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mppdevices+...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/mppdevices/306f2a95-edcb-4e03-8850-23744cf27f29n%40googlegroups.com.