Bentel Absoluta Alarm System integration

Thx, I try it immediately

Hi Nico, I install your addons
configured mqtt and id and code.
from log no error, but in device the entity are disable, why?


You probably have a problem connecting to MQTT. If you notice, those sensors are not from your alarm panel, but are internal sensors for the addon. Please check that you’ve entered JUST THE IP(not the port, for example enter 192.168.1.2, not 192.168.1.2:1833) of the MQTT server and that the credentials are correct.

ok, I wrong IP
now is correct and on my smartphone arrived notify to access APP absoluta PIN

but in device the entity are also disabled

I’ve been using v1.1 for a couple of days now. As for yesterday, no problems encountered, but this morning I’m not having any MQTT message from the addon. The app says the panel is busy.
To be noticed is that yesterday I used Bentel Boss to see the alarm config (in order to edit the entities name), but in the end I made no edits.
If this is supposed to happen, no problem, otherwise I hope this report helps somehow (just tell me if there is anything I can log)

Update: this morning I found out that the system was again not logging anything, so I think it was not due to the access to the control panel. I think v1.1 doesn’t solve the issue completely…

Update 2: restarting the addon does not help…
I get this:

Message 1 received on absoluta/out at 09:12:

{

"type": "info",

"data": "PIN valid"

}

QoS: 0 Retain: false

Message 0 received on absoluta/out at 09:12:

{

"type": "info",

}

"data": "Connect OK"

QoS: 0 Retain: false

But then nothing

Update 3: I can’t access even from the app after fingerprint recognized the app stalls like in the screenshot below… What can it be? When I went to bed yesterday evening everything worked perfectly on HA, now it doesn’t work anywhere…

I managed to get it started.
the button to deactivate works, but to activate it it does not work and I get a notification on my cell where I have an app installed that activation has been refused.
can’t the activation be forced even if there are errors in the control panel?


and there is not a keypad for insert a code

That’s weird. I don’t have this issue and I’ve been running the addon non stop since before I released it. I’ll DM you for more info once I’ve investigated the issue.

Force activation is unfortunately not implemented at this time, I’ll release it in a future version.

1 Like

Installed the update (v1.1) yesterday afternoon, it worked until night. This morning everything is frozen again (it does not notice the deactivation of the alarm and all the zones do not notice changes in status), as happened with the previous version (v1.0).
Is there a way to collect debug messages to help you investigate?

BTW thanks for the great job!

Hi All,
thanks nicomedia for your work. I’vent tryed yet the plugin, but reading this reported problems could be that the Bentel server is going to be overloaded compared to the old connections via phone app? Meybe there is some timeout on server side for connections of the same UUID.
Could be another discriminant the version of the used app on play store, free or PRO?

Thanks all,
Pierpaolo

Hello to all,
I thank Nicomedia for the excellent job done. I had some email exchanges with him and he gave me some tips for my Node.js app where I was trying to interact with the alarm control panel.
I also managed to reproduce the calls to the Bentel server to activate / deactivate the alarm control unit, and for me it is already sufficient for my needs (create automations to activate / deactivate the alarm via voice commands).
As for monitoring the sensors, in my opinion, for how the implementation is structured, there are too many compromises and it will be difficult to keep the connection stable and without problems.
Of course it is possible to restore the connection to each error, but in my opinion as soon as there will be a sustained number of users connected constantly, more and more errors will occur and Bentel will find a way to “invalidate” everything.
In Bentel, to mess up all the work, just change a comma on the server side services and update the official app accordingly.

Another “smoky” aspect of this plugin is the fact that it is by its nature “closed” and on an aspect as delicate as an alarm control panel it is a real risk.
Now, let’s forget that the plugin was developed by Nicomedia which I’m sure is a very honest person … who forbids him to insert a few lines of code in his plugin that sends the pin and the serial of the control panel to someone of any kind? and maybe even the approximate home location calculated from the IP address. With this information, a hypothetical thief could know when the control panel is active and deactivate it at will.
This just wanted to be a point of reflection … let’s pay attention to what we expose on Home Assistant.
Maybe a day Bentel decide to make an official plugin and then the speech would be different.

Even more beautiful would be to be able to communicate with the control panel without going through the Bentel servers … and this would also protect you from the fact that if Bentel modifies even just a comma, nothing works anymore.

2 Likes

Unfortunately this is very true, they have complete control over the server side, so they can change the API at will and release an updated version of the app. What’s also true is that as long as they don’t completely redesign the app, it can still be reverse engineered and a new version of the addon can be made with minor modifications(the node.js and MQTT parts will be the same)

This is a very important aspect that needs to be talked about. The security of your information depends on your home assistant security. If someone can get into your home assistant as an admin, they can get your credentials, but that’s true with any addon and plugin. Always make sure your install is safe.

What I always suggest with any plugin, not just mine is if you have any concerns about security, you can verify independently with Wireshark(or whatever packet inspector you like) that the addon ONLY connects to Bentel’s servers and to the MQTT server you specify in the configuration, and no other connection to any other IP is ever made.

I completely understand the security concerns, especially when it’s about home security, so please always check plugins and addons for security, by looking at the source code when possible or with tools like Wireshark.

1 Like

I don’t think this is the case or else everyone’s plugin would stop working, while my install has been running for almost a week now without any issues. I don’t think that they would even notice less than 10 people being constantly connected to their server.

Maybe could be a good idea to schedule the connection in a way to stay up for example for 5 minutes every 10 mins? Or on demand just for a couple of seconds in order to check sensor’s status.
This could be a compromise to don’t overload servers…

Moreover what about the possibility to interact locally with the IP of the alarm? Does it need to send/receive commands only via the Bentel server?

I know that the central is configurable remotely via Boss opening a tcp port. Could this be useful for the scope?

I’m available for tests if needed :wink:

Some time ago I tried to sniff with wireshark during a session with Boss but I had not discovered much … if you do not know well the protocol used I think it is a difficult task.

Here it is the screen of the system status.
The Areas and zones become highlited when a sensor is open.

I could try to check what is coming out from the 3062 port…

Other kind of information is noticied with different colors:

image

Arming/disarming is doable via right click o the Area

Btw, with the connection estabilished from Boss, the phone app is not able to log in the central that is already busy.
We could avoid problems with Bentel servers, limiting all connections to be local

Let me know if you find something with Wireshark… I suggest to use it in a PC with cabled ethernet connection because sniffing in wi-fi mode is not so reliable.

I tried some time ago but the communication is crypted

@nicomedia, can I offer you a beer for your work?

1 Like

Maybe using Charles (a good proxy) as proxy on the pc something can be done. The central must be setted with dns pointing to the pc with proxy. The problem is that the https messages are crypted and I think it’s not possible to install the certificate needed by Charles software.
This is the starting point I used on smartphone to sniff the https requests on Android (using an old Android 7 phone and an old version of the App because with the recent version Charles not log nothing)