This is the forum archive of Homey. For more information about Homey, visit the Official Homey website.

The Homey Community has been moved to https://community.athom.com.

This forum is now read-only for archive purposes.

How secure/safe is Homey?

I have installed a Nuki Smart Lock in my home and think about giving Homey access to it. However, I do have some concerns about security and how anyone else but me could enter my home. My plan was to use Tasker as soon as my mobile connected to my Wifi, to change a Better Logic variable (as seen in https://forum.athom.com/discussion/996/tutorial-using-tasker-together-with-homey/p1), which triggers a flow that opens my entrance door. Would you do that?

I see the following risks:
-Someone could steal my phone and would have access to my flat, but he would also have that if he stole my keys.
-Someone could access my Homey and open my door. I chose a long password with upper/lower case characters/numbers/special characters for my Athom account, which I feel to be safe. But as far as I understand, that information is not directly used to access Homey. It is only used to authenticate myself to the Athom servers, which forward me to my Homey with a security token. What if someone gained access to that security token and the Homey ID? How safe is the connection to the Athom servers and from them to Homey? What if the Athom servers would be hacked?
-Someone could manipulate my Android phone to make it change the Better Logic variable to open my door.

Am I too paranoid? Is any of the lower two scenarios realistic? What risks do you see?


Comments

  • I personally would never ever automate my door locks. Simply because it is much easier to hack/tinker with these 'smart' locks without you knowing then it is with normal door locks. ( if you want to get in with a normal door lock you need physical access, with smart locks this isn't  a requirement anymore )

  • mruitermruiter Member
    edited February 2017
    With my klopsleutel I can open most locks within a minute. The more * on the keurmerk the easier  it gets. 

    But everything is hackable. The change you will have a hacker in front of the door at midnight is much smaller the a bucket with a klopsleutel or a brick. 

    My danalock reports back in when it gets turned open. So for me it's much safer then a normal key lock that doesn't report a key turn 


  • If you have some free time tonight and are in need of a new TV.. 

  • ( if you want to get in with a normal door lock you need physical access, with smart locks this isn't  a requirement anymore )

    But the usecases for remotely hacking a lock are very limited, you still want to go through it, so you want to be phisicaly there.  :)
  • jjtbsomhorstjjtbsomhorst Member
    edited February 2017
    Banjer said:
    ( if you want to get in with a normal door lock you need physical access, with smart locks this isn't  a requirement anymore )

    But the usecases for remotely hacking a lock are very limited, you still want to go through it, so you want to be phisicaly there.  <span>:smile:</span>
    That can be but what about the use-case that people hack these things for fun?
  • Why not just use the built-in functions of the Nuki app on your phone to automaticly open the lock? I use "auto-unlock" with Nuki on  my iPhone.
  • G4nd41fG4nd41f Member
    edited February 2017
    The autounlock feature works only in about 50% of the cases when I arrive at home, while Homey recognizes me in 100% of the cases when my phone connects to my Wifi.
Sign In or Register to comment.