internet programmable relay plc please advice

Reply

  #1  
Old 02-25-11, 10:17 AM
Member
Thread Starter
Join Date: Dec 2009
Location: US
Posts: 12
internet programmable relay plc please advice

Hi
I have a technical question regarding electronic relay/contactor. For a certain reason I need to control some circuits remotely from my PC and from my mobile phone but with the highest possible security. Could somebody tell me if this "internet programmable relay plc" really has suitable encryption and safe encryption?
Programmable Internet Relay Logic Controller Timer PLC - eBay (item 270698406239 end time Feb-26-11 13:52:20 PST)
 
Sponsored Links
  #2  
Old 02-25-11, 11:17 AM
Forum Topic Moderator
Join Date: Feb 2005
Location: Near Lansing, Michigan
Posts: 10,515
SHA256 and AES256 provide very secure encryption as long as you trust that the manufacturer of that device has implemented them correctly as well as the makers of the PC and phone operating systems and applications. As with most security issues the weak link is rarely the encryption algorithm.

Another option you might want to consider is to use off-the-shelf X10 home automation equipment and access it remotely via an established secure tunnel like IPSEC or SSH.
 
  #3  
Old 02-25-11, 11:34 AM
Member
Thread Starter
Join Date: Dec 2009
Location: US
Posts: 12
Originally Posted by ibpooks View Post
Another option you might want to consider is to use off-the-shelf X10 home automation equipment and access it remotely via an established secure tunnel like IPSEC or SSH.
Thans for your answer. I need something compact as "buy and install" - a single simple solution, black box without any server software on PC. Server software can be manipulated by human factor but I would like to avoid human's hands. I don't want complicated system.
Similar system - I have found recently was very expensive (>$3.000)
 
  #4  
Old 02-25-11, 01:56 PM
Banned. Rule And/Or Policy Violation
Join Date: Jan 2010
Location: KS
Posts: 1,896
It looks like this unit will do the job for you, but again, the device is only as secure as the network it is on and the strength of the password. The encryption itself is the strongest available, the same used in military ops. But that won't protect it if the password is "hello" or "god". You need to choose a strong passPHRASE (several words, not just a regular password), that includes both lowercase and capital letters, numbers, and symbols. This is the only way to thwart dictionary brute force attacks on the password. You want a passphrase to look something like "do1tyour$3lF.com is a [email protected] FoЯum". Use a phrase that is easy to remember or means something to you, then modify it with capitals, numbers, and symbols. The less actual dictionary words you have, the better. And as you use it more and more, you'll be able to type it fast.

Another thing if you're concerned about security is physical access to the device. It won't be very secure at eye level in a common area. Make sure it is installed in an area with controlled access. Given access to the device, someone could lock you out of it with a paperclip (most IP devices have a hard reset button that can restore factory defaults).
 
  #5  
Old 02-25-11, 02:40 PM
Member
Thread Starter
Join Date: Dec 2009
Location: US
Posts: 12
Originally Posted by JerseyMatt View Post
It looks like this unit will do the job for you, but again, the device is only as secure as the network it is on and the strength of the password.
Page 12 of this manual: http://www.elkom.com.tw/relay_a/Manual_english_020.pdf

According to the manual - password must be equal or longer then 15 characters. You can't recall defaults or change password without PIN code and you can do it only by USB.
The problem is not the physical attack on the device because "burglar" can simply short cables. There is burglary alarm and there will be additional infrared sensor. No problem.
I don't think that someone will try to break long pin via USB or brute force AES. In case of unencrypted home automation system company's IT guy, network administrator can sniff packets or small ISP could do it and this is the problem. People don't realize how dangerous it is to have unsecured devices. OK I will try one. I need three.
 
Reply

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread
Display Modes