Re: Compass Software

["Crash Gordon" <webmaster@xxxxxxxxxxxxxxxxxxxxx>]

In the olden days ADI would only give out pw to dealers with accounts and
they were unique for each company...not anymore.


"Joe Lucia" <joe@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1129845504.667835.307230@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|> The fact that the site *is* secured at all should tell you that they
don't
| > want "just anyone" to access the software.  The fact that the softwares
EULA
| > also indicates it's intented to be used by qualified service personnel
| > should also tell you that they don't want "just anyone" to have access
to
| > it...  You seem to miss these important points (as does the individual
that
| > provided you with the user id and password.  If you were to call one of
your
| > local dealers and ask them to supply you with access the Honeywell
Dealer
| > site, what would they say??
|
| The community is a big place and the password has been posted often
| enough to be found somewhere on the Internet (never by ME, I wouldn't
| do that).  That's just bad security.  I'm not suggesting just anyone
| SHOULD have access, I'm just saying if they were SERIOUS about just
| professionals having it, then they would secure it better.  I have no
| sympathy for anyone who doesn't secure a secured site properly.  EULA's
| are useless to the end-user, they just don't care because no one will
| sue them because there is no standard to go by to determine who
| qualifies as a "Professional".
|
| Legally speaking, you are correct in every way.  But, the Internet is a
| big world, Warnings and EULA's are impossible to enforce in this
| scenario.  You Must secure your data/information/applications properly
| or the undesirables Will get it.
|
| > Boy are *you* wrong.  Cars are "programmed" at the factory.  Yes, the
Dealer
| > has to do very little in the way of "intervention", because they *do*
work
| > "out of the box".   GM (Ford, Chrysler, etc.) won't give you access to
| > programming though, and there's no way for you to alter critical
functions.
| > On GM vehicles equipped with "Onstar", you also don't have the option of
| > using another provider.  With the panel software you can pretty well do
| > anything you want (including "nulling" the zones, telco numbers and
account
| > codes).
|
| You are talking about a peice of hardware that is completely programmed
| and configured and ready to go and doesn't need any end-user or dealer
| tweaking, compared to a piece of hardware that has no useful smarts
| until it is configured properly.  You can't alter the core programming
| on an Alarm Panel either, you can only muck with parameters.  Mucking
| up the right parameters in a perfectly good car/alarm system can make
| critical functions fail.  I know people who have the hardware and
| software to pull-over and plug in their laptop to their truck to change
| it's performance (because the configured it for better off-road
| performance but then it performed terribly once back on the freeway).
| Not a dealer or technician, just a guy who knows computers and cars and
| the right sources of the necessary equipment.  Sure the stuff isn't
| available to the general public, but there is ALWAYS a way to get it,
| as we've just seen here, there is always some who Was in the business
| but now isn't and feels they have no obligation to anyone to keep the
| secrets.  It is unfortunate, so we must be prepared for them by
| securing things by USER not by COMMUNITY.  There is always a user in
| the community that will become corrupt.  It's inevitable.
|
| > That won't help.  If, for instance the end-user wants to use the
software he
| > purchases from some online retailer on his own system, he has to call
his
| > Dealer and get the access codes (and in some instances the CSID number
which
| > the software "writes" to the panel on the initial download).  I know of
no
| > Dealer that would give that informtaion out to an end-user.  Doing so
would
| > compromise every panel they have that uses that same software.
|
| True, the installer code could be necessary.  The CSID can be reset to
| blank if you know the installer code.
|
| I'd just default my panel according to the documentation and start from
| scratch (I already know what my zones are and how they should respond).
|
|
| > If you were my customer and decided you wanted to program your own
equipment
| > using Dealer software, I'd say...  "Sure, send me a cheque for the
balance
| > of your contract, then we'll default your panel and you can find
yourself
| > another monitoring centre and servicing Dealer.  Good-bye!!"
|
| I would do the same thing :)  I'm not saying I'd like to support an
| end-user doing this.  Nor would I expect to be supported if I were the
| end-user.  I also expect to be completely responsible for any
| programming errors that might cause undesirable results.  I pity the
| Monitoring Centers that must deal with the end-user-do-it-yourselfers
| but I'm glad They are doing it instead of me.
|
| > There is a way to program the panel without the Alpha keypad.  You have
to
| > be familiar with the panel's reponses though to do it.  I couldn't
"teach"
| > you how to, nor would I want to.  The method is far more prone to error
if
| > you're unfamiliar with the equipment.  Leave the programming of the
panel to
| > someone that is trained to do so.  If you don't like the fact that
they're
| > going to "restrict" you then your option is to have the system defaulted
to
| > a local panel, purchase a remote dialler module and program that to call
| > your cell phone.  Of course, you could always call up "NextAlarm" and
have
| > them send you their dialler.  From what I've read and seen in this group
| > though, I'd have some concerns on how they deal with their customers as
| > well...
|
| You are correct.  I started down that road, programming it blind,
| realizing the prompts are still there as expected, but found the
| manual's examples didn't have every scenario so I had too much trouble
| predicting what to enter next.  If I had done it before with an Alpha
| keypad, then it would not have been a problem to figure out, but I
| hadn't.
|
| We, as a Monitoring Center, will not monitor for an End User for
| many/all of these reasons.  You never know how much the end-user knows
| about everything involved in programming and monitoring an alarm
| system.  I would always recommend a Professional Installer who *has
| experience* with the equipment being installed.  ESPECIALLY if it is
| being Monitored since that is usually where the confusion of codes and
| zones and formats hits home.  Most installers don't even realize how
| complicated Monitoring can be for so many different systems and formats
| and concepts (every dealer has a different concept of how his customers
| signals should be handled).
|
| I expect an End-User could call Honeywell and sweet-talk the password
| out of them by pretending to be a Dealer.  I don't expect Honeywell has
| any way or would wish to spend the time to confirm who is a
| "Professional" and who is not.
|
| Still, don't give out the username and password if it is not yours to
| give and this discussion would never have started.
|