
Thread: GHL Cloud Questions

  1. #1
    Join Date
    03.12.2009
    Posts
    188

    Default GHL Cloud Questions

    I like the option of a cloud service that can provide monitoring and reporting from various GHL systems, that is an excellent addition to the product range. Well done.

    As with any new addition that affects access, it does bring up a significant number of concerns that need to be explored.

    I understand that this post presents a number of quite provocative questions. My intent is not to sensationalise the issue but rather to raise these points so that some understanding of the consequences of what is being proposed is understood by the community before firmware changes are rolled out in products.

    Ideally I would like to see more detail from GHL in regards to how it will provide security around its cloud service, its communications methodologies and its approach to ensuring the safety of the devices relying on/with access to the cloud service. Please be clear that this is not a request to disclose the specific security details, rather it's a request to disclose the approach and methodologies to be undertaken and to initiate a dialog around the concerns that exist.

    Whilst I assume that GHL will deliver a service that is as secure and reliable as it is able to do, it would be good if details could be presented to further list any security standards that it will be adhering to in delivering this service along with design details/goals for what the capabilities of the service will be.

    The length of this post is intended to provide details relating to a number of concerns and act as a starting point for a conversation with GHL in regards to the security and access implications of the announced cloud service.

    Overview
    The addition of a cloud offering has the potential to be very dangerous depending on how it's implemented for a device like an aquarium controller when the cloud service includes the ability to manage/change the device settings.

    As part of providing a cloud management service GHL is opening itself and its customers up to significant security and financial risk by providing a service that can be attacked, then multiple customers' tanks can potentially be damaged.

    By providing a single point of attack (the cloud service), the reward for effort to someone attempting to gain access is significantly more than when compared to a single device.

    Customers also open themselves up to significant risk, as the control of their devices is available to an outside party out of their control (GHL or an attacker of some sort). This can then be manipulated with good or bad intentions without their knowledge.

    This is a significantly different situation to web access/mobile access via a locally controlled router. With web access this feature can be disabled via the local router plus each customer needs to enable the service on their own network if it is required by them.

    By adding a cloud based service that has the ability to manage the controllers, a compromise of security for the GHL Cloud service/software can affect customers around the world with disastrous consequences.

    Concerns
    The most significant concern would be if a malicious person and/or competitor (of GHL or one of GHL's customers) is able to achieve access to the GHL Cloud platform/software. They then have the ability to have all services turned off (or on) for all customer devices connected to the cloud service.

    Given the type of systems, this could range from

    1. Draining tanks via water change processes
    2. Over or under heating
    3. Burning out pumps/heaters by running them without water, causing fire or water damage with heater failures (exploding and draining tanks).
    4. Turning off/on lighting
    5. Excessive or No dosing
    6. Turn all sockets off
    7. Turn all sockets on
    8. Draining CO2 canisters or other gasses into confined spaces
    etc.

    Less malicious issues are also possible. For example a new version of the cloud software application is deployed by GHL. As part of this a new feature is enabled involving new settings to be deployed to devices. This for some reason conflicts with specific controllers (e.g. Profilux III Ex with SMS module) on a specific older firmware. As a result, customer systems stop working shortly after the cloud software upgrade and the customers have no idea as to why their systems have been affected.

    Questions:
    1. As part of adding such a service to the firmware of the GHL products, will there be an option to disable cloud services access from the firmware of each product?


    • By this I mean explicitly being able to disable the controller from communicating with the cloud service. But leaving other functions such as the web site, email access etc enabled.
    • I do not mean disabling internet access in the local router (this may also stop other services, email for example).
    • I do not mean a setting in the cloud service that disables it from communicating with the device.
    • I do not mean the controller attempting to connect to the cloud service, but the cloud service not being configured for the controller.


    2. As part of adding such a service to the firmware of the GHL products, will there be an option to allow read only cloud services access from the firmware of the product?


    • By this I mean explicitly being able to stop the controller from being reconfigured in any manner with the cloud service whilst leaving all other functions of the cloud service such as the reporting enabled.
    • I do not mean a setting in the cloud service that disables it from sending configuration commands to the device.


    3. Will firmware upgrades be provided without cloud communications capabilities?


    • Is it possible for GHL to provide on an ongoing basis a firmware that does not have the ability to communicate with a cloud service?
    • This would enable users to choose not to expose their devices to this risk without the possibility of outside interference.


    4. What security/authentication options will be required for the cloud service to communicate changes with the controller?


    • What I mean here is, how can a customer control changes that are being applied to the device and ensure that changes cannot be made unless explicitly authorised?



    • E.g. Front panel question on the device for approval ("Accept changes from myghl.com?" displayed on device)?


    or

    • Is there an option to require a non stored pin/password that is passed from the cloud service to the controller with each save of changes from the cloud service? The pin/password being required to be entered by the customer on every change. The pin/password would need to be stored only on the device and be able to be set/changed locally. The details of this pin/password must not be passed to the cloud service as part of the device configuration.


    5. What logging of access/modifications of each of the customer systems will be maintained and how will these be communicated to customers?


    • Will there be a cloud based report of the change log that has occurred for each system (with obfuscation of sensitive details)?
    • Can this detail also be emailed to the customer when there are changes?


    6. What protections will be put in place to stop manipulation of the controller settings whilst work is being undertaken?


    • Currently when work is being undertaken in the aquarium, an option exists to place the controller into maintenance mode. This allows all sockets to be turned off and work safely to occur without power being available to equipment in the aquarium. A current issue is that these settings can be overridden via GCC, Touch etc.
    • What sort of local override will exist to stop configuration changes being made during such an event?
    • Given that the cloud service can be utilised by someone not at the location (think of a customer's tank being monitored by a service person remotely), how can the safety of someone at the tank be improved?


    7. What form of compensation and/or protections would GHL provide to its customers in the situation of the cloud service being manipulated and damage/stock loss occurs?

    Note: I understand that this is an extreme example, but by opening up access to manage the systems from a GHL provided cloud service, this is the type of risk that customers are being exposed to.


    • By this I mean, GHL is proposing to provide a service that can potentially be compromised/misused by someone. By providing a platform that has access to and can manipulate the operation of devices around the world, the opportunity exists to cause damage (or at the extreme a person's death) in multiple locations across the world.



    • What protection is GHL intending to provide so that in the situation where it is held liable for damages that have occurred, that are related to an attack or misuse of its systems and the resulting damage that occurs?


    • What type of insurances are held to protect customers from these sorts of situations?


    I am sure that there are a whole series of other questions, these are the ones that initially have come to mind currently.

    thanks in advance
    Last edited by CaptCrash; 28.01.2016 at 05:35.

  2. #2
    Join Date
    21.06.2011
    Location
    South Florida
    Posts
    827

    Default

    Agree 100%.
    I am very eager to see what this cloud service will do for me.
    I just hope that we are still able to "decline" the option for cloud service just in case we are concerned with the points described above.

  3. #3
    Join Date
    17.11.2012
    Location
    Louisiana
    Posts
    192

    Default

    Quote Originally Posted by doggydoc10 View Post
    Agree 100%.
    I am very eager to see what this cloud service will do for me.
    I just hope that we are still able to "decline" the option for cloud service just in case we are concerned with the points described above.
    X2
    Perry
    A screen shot is worth a thousand words...

    Profilux 3.1N eX, 3 PAB 6D, Slave Doser, PLM-ADIN, Vortech Controller, PLM-PWC, Leak detector, 2 LX 6100HV Mitras
    Controlling a 150 DSA Peninsula mixed reef.

  4. #4
    Join Date
    08.04.2009
    Posts
    265

    Default

    I doubt cloud is going to be compulsory.
    Best just wait and see if you like it or not.

  5. #5
    Join Date
    01.03.2013
    Posts
    361

    Default

    Hello,

    thank you for this thread.
    We take security and privacy of our customers very seriously, that's why we work with latest encryption standards and are making it as safe as possible. However we can not give our customers 100% guarantee for safety because it is simply impossible.
    Unlike our competitors we offer it as a free option, which can be disabled by customer. GCC, web interface, smartphone and tablet apps will be developed also in future.

    Unfortunately I can not provide you answers to all questions because myGHL is still in development.
    Like GCC the cloud service will support many different versions.
    Customers will be able to turn off the myGHL cloud connection on each device in device settings. After disabling it there will be no connection to cloud at all, myGHL will not be able to locate the device in database. All other functions like email notification, web interface and network capabilities will not be affected and will work also without myGHL. All cloud settings have to be configured only via GCC or directly on device. It will be impossible to change the cloud settings via myGHL.
    It will be possible to use myGHL as "read-only" service just for monitoring.
    All firmware upgrades will be provided with cloud capabilities, but they will be disabled by default, so the user will have to enable it. It doesn't make sense to develop two different versions, because this feature can be disabled completely.
    myGHL will inform you via email on each change and will send you email logs.
    All devices have to be verified with security key, which will be generated by myGHL and sent to the device.


    I hope, I gave you some useful information about myGHL security. We will provide more information with release of myGHL.
    Last edited by DennisO; 01.09.2014 at 19:05. Reason: Corrected misunderstood sentence
    No support or warranty issues over PM! Please send PMs to the moderators only if you have general problems with using the forum! Thanks for helping us to keep the support efficient.

  6. #6
    Join Date
    08.04.2009
    Posts
    265

    Default

    Unlike our competitors we offer it as a free option
    Thanks for the detailed information.

    just wondering which competitor charges for this service?

  7. #7
    Join Date
    01.03.2013
    Posts
    361

    Default

    Quote Originally Posted by reef View Post
    Thanks for the detailed information.

    just wondering which competitor charges for this service?
    I'm sorry, the meaning was, it will be optional. Nobody will be compelled to use it. I've corrected the sentence.

  8. #8
    Join Date
    03.12.2009
    Posts
    188

    Default

    Now that myghl has been available for a while, can GHL answer all 7 of the questions I posed?

    I would like to upgrade the firmware of my controllers, but without specific answers to the questions I posed, it leaves me running old firmware.

    My goal is to upgrade, utilise some of the newer features but completely disable any ability for myghl to be utilised to change settings on the controller.
    Using the service to report/monitor the units is attractive and I would like to use this option.

    thanks in advance
    Stay up to date with my efforts at Blue Tang Breeding here http://facebook.com/RegalTangBreeding and Mccullochi Clownfish Breeding here https://www.facebook.com/MccullochiClownfishBreeding

  9. #9
    Join Date
    27.05.2015
    Posts
    2,488

    Default

    Communications with myGHL happen only after the device has been added to your myGHL account. Your device cannot communicate with myGHL unless you've created an account on myGHL.com, added your device, and activated "myGHL" communications from GCC. Once the device has been added, if you wish to stop all communications with myGHL, you can go to the "System" page, you can uncheck the box that says "myGHL active".

    As noted earlier in this thread, we use the latest security tech to create the most secure connection possible.

    I'll bring your other questions to the attention of the myGHL development team.
    Last edited by Vinny; 27.01.2016 at 17:50.

  10. #10
    Join Date
    18.02.2009
    Location
    Kaiserslautern
    Posts
    7,710

    Default

    Yes, this is right, unless you activate myGHL in the device (either using GCC or on the device itself) it will never communicate with the cloud

    so it is not necessary to use an older firmware just to prevent communication with the cloud

    as default setting myGHL is disabled

    but just today we decided to add another setting in ProfiLux:

    myGHL off - no communication at all
    myGHL read only - only read access
    myGHL read/write - full access

    comes in V6.24 during this weekend
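
A device-side sketch of the three-way setting listed above (off / read only / read/write), combined with the local-only per-change PIN, maintenance lock and change log asked about in the first post. This is an added example, not part of the original posts and not GHL's firmware; every name in it (`Controller`, `handle_cloud_request`, the setting key, the sample PIN) is hypothetical.

```python
import hashlib
import hmac
import os
from enum import Enum

class CloudMode(Enum):              # the three settings named in the thread
    OFF = "off"
    READ_ONLY = "read only"
    READ_WRITE = "read/write"

class Controller:
    """Hypothetical controller that enforces cloud access on the device itself."""
    def __init__(self, mode, local_pin):
        self.mode = mode
        self.maintenance = False    # set locally, e.g. from the front panel
        self.settings = {"heater_setpoint_c": 25.0}
        self.log = []               # every request, allowed or denied
        self._salt = os.urandom(16)
        # Only a salted hash of the PIN is kept, and only on the device.
        self._pin_hash = self._derive(local_pin)

    def _derive(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def _decide(self, op, pin):
        if self.mode is CloudMode.OFF:
            return "denied: myGHL off"
        if op == "read":
            return "allowed"
        if op != "write":
            return "denied: unknown operation"
        if self.mode is not CloudMode.READ_WRITE:
            return "denied: read only"
        if self.maintenance:
            return "denied: maintenance mode"
        # The PIN travels with each change and is compared in constant time.
        if pin is None or not hmac.compare_digest(self._derive(pin), self._pin_hash):
            return "denied: PIN"
        return "allowed"

    def handle_cloud_request(self, op, key, value=None, pin=None):
        decision = self._decide(op, pin)
        self.log.append((op, key, decision))
        if decision == "allowed" and op == "write":
            self.settings[key] = value
        return decision, (self.settings.get(key) if decision == "allowed" else None)
```

The point of the sketch is that the decision is made from state held on the controller, so a setting changed on the cloud side cannot widen access.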
