WEMO Application

Showing results for 
Search instead for 
Do you mean 
Reply
Posts: 1
Registered: ‎08-12-2015

Wemo security or not with visitors

Here's my situation:

 

I have Wemo at my house.  I went to visit a friend who gave me internet access.

I pulled up the App, now all his devices are registered in my wemo app.

 

If I go home and turn off the wifi, I can control his lights, TV, etc..... change his rules, rename his devices (that was fun) and then Echo can't access them because the names changed.

 

Friend doesn't trust me to operate his house remotely.  Has cable company come in change his wifi, reset all his devices...I still have access.

 

If I get internet access anywhere there's wemo devices, once I scan and add them to my list, I can completely control them unless they turn off Remote Access, which sucks for him.

 

For me, I really don't want a bunch of devices in my list that I "shouldn't" be turning off and on, and I can't see a way to delete them from my device list.  I can hide them, but not remove them.

 

Am I missing a huge part of this?  Can I go on networks, scan for wemo devices and then control the world from my couch?  If only Dr. Doom knew.....

Posts: 2
Registered: ‎08-11-2015

Re: Wemo security or not with visitors

On your App (iOS) go into More> Remote Access> (Your friends router name should be visible) click Forget & Disable

 

That should fix the issue

Posts: 88
Registered: ‎01-13-2015

Re: Wemo security or not with visitors

[ Edited ]

iWemo's advice may temporarily end rick's access to his friend's wemo's, but it seems to me that Rick highlights a bigger issue.

He should probably not have been able to gain access to the friend's devices to begin with.

 

Is there not a way that Belkin can allow wemo owners to limit device access (even those who have legitimate local wifi access) to just a certain list of trusted users; mostly family members and certain close friends?

 

I allow a number of relatives and other friends to access my wifi while they are at my home, but I see no need for them to be able access my wemo devices.

Posts: 65
Registered: ‎05-24-2014

Re: Wemo security or not with visitors

@btcompute You can control your WEMO devices using up to 6 mobile devices only. But, it's still nice to control who can access it. Probably, they can require a username and password or what not.

Posts: 1
Registered: ‎08-14-2015

Re: Wemo security or not with visitors

Wow.
This is a serious security issue. Any words from belkin about this ?
Posts: 2
Registered: ‎03-30-2015

Re: Wemo security or not with visitors

This happened to me.  I raised the issue back in April on this Blog and I don't believe other Users understood the problem. As more people use WeMo the worse the problem becomes.  Tried everything I could think of including the obvious use of a Guest password access, nothing worked

Posts: 88
Registered: ‎01-13-2015

Re: Wemo security or not with visitors

Hopefully someone from Belkin will see this and offer suggestions or have the developers work on a solution.

 

Any thoughts on this Belkin?

Moderator
Posts: 555
Registered: ‎06-17-2015

Re: Wemo security or not with visitors

This actually cannot be helped for now since the app uses UPnP as a way to discover WEMO device within the network. Best way to work around this is to manually delete the data saved in your mobile device.

 

For android, you can delete the data by accessing the WEMO through the application manager and selecting Clear Data (not Clear cache). This link can help: http://www.ubergizmo.com/how-to/how-to-clear-android-cache-apps-and-browser/

 

For iOS users, you'll need to uninstall and reinstall the WEMO app itself.

 

Once done, it should delete all WEMO device that was previously saved in the app. To restore your devices in your list, simply make sure you're connected to your network where the WEMO devices are and open the app, then it should auto-populate your WEMO devices again. Please take note that this is just a work around, not a solution.

 

Hope this helps.

Thaddeus - 14850
WEMO Technical Support
WEMO Maker Inventor
Posts: 1,661
Registered: ‎06-14-2014

Re: Wemo security or not with visitors

I think you've got the easy scenario covered, thanks.  So if I'm visiting and they let me connect to their wifi, I open my belkin app to control my home wemos remotely I'm going to pick up his wemos.  When I go home I can clear everything and start over, ok, I get that.  If someone visits me and picks up my wemos  I can ask them nicely to do the same.

 

The case that seems to be missing is if they refuse to do so.  We need the ability to a) remove remote access for a device, and b) lock down our accounts to prevent new devices from gaining access.  There's been a related request for users to get back remote access when it's been lost (e.g. when one gets a new phone while 1000s of miles from their vacation home wemos).  These cases seem to suggest we need access to our accounts in the belkin cloud.

 

Is there a risk if  I buy a used wemo?  There's been a few instances of strange devices showing up on the wemo app (mostly the netcam) which is a bit worrisome too. I can remove a stranger's device, but how do I know if someone else has access to mine?

 

Speaking of which, a little more transparency about what is being kept about our wemos and us in the belkin cloud would not only be welcome, it may required by law.  Are you protecting our "right to be forgotten"?  Are you keeping our personal data within the country of origin where required? How do we know who has access to our wemos so we can confirm our privacy?

Posts: 88
Registered: ‎01-13-2015

Re: Wemo security or not with visitors

MikeP,

 

You make some great points.

I really like the couple wemo's I have, but I'm beginning to see that the software side of things still needs quite a bit of work.