Login to My AccountCart Enter online store
PRODUCTSSERVICESDEVICESSUPPORTCONTACT
“I am very impressed with eGauge. This is a really great tool. Every house in America should have one of these!”
Geoff Manchester, Lighthouse Solar
[submit quote]

eGauge Security Considerations

This document answers commonly asked questions about how the eGauge device is protected from unauthorized access.

Overview

The basic philosophy behind eGauge is that the data stored on the device intrinsically belongs to the owner of the device. As such, eGauge Systems LLC is committed to taking all reasonable precautions to ensure the data is only available as intended by the owner.

For installation and user convenience, eGauge devices can be accessed via the Internet by default. Anonymity of the data is ensured since the device does not store any identifying information such as the owner's address or name. The only information stored on the device that could be used for identification purposes is the geographic location ("Settings->Geographic Location"). For privacy- and safety-reasons, this setting defaults to 0 degrees Latitude and 0 degrees Longitude (a position in the Atlantic Ocean). When changing this setting, we recommend setting it to a location near the installation-location of the device, but not so near that the site could be identified. For example, a reasonable approach is to point it to a nearby major intersection, a city center, or similar.

A privacy-enhancing feature provided by eGauge is "Settings->Min. interval for public public usage data". By setting this option to any value other than "No restriction" it is possible to restrict the resolution of the power consumption (usage) data to the selected resolution (e.g., 3 hours). Full-resolution data will only be available to local users.

For ultimate privacy and security, an eGauge device can be configured to not be accessible from the Internet at all. See the section below entitled "Proxy-server connection" how to accomplish this.

The device configuration is protected from unauthorized changes through username/password authentication. By default, the configuration can be changed from the LAN only with username "owner" and password "default". A secret password can be selected through "Settings->Password". When changing the password, it is also possible turn on the checkbox "Allow Remote Administration", in which case the username/password will also work when accessing the device through the Internet.

Network Security

When an eGauge is installed, it is connected to the site's Local Area Network (LAN) via an Ethernet-cable that is connected to a HomePlug adapter. The installation process does not modify or tamper with any firewall products and/or settings that protected the LAN from unauthorized access from the Internet.

Incoming Connections

The eGauge device listens for incoming connections for the following services:
  1. Web service (TCP port 80): This provides the normal user-interface to access and manage the eGauge device. If desired, this port could be exposed to the Internet through a suitable firewall rule (e.g., a rule which forwards accesses to port 8080 to the eGauge device at port 80).
  2. SSH service (TCP and UDP port 22): The secure-shell (SSH) service is used for factory-maintenance and -servicing only and is protected by a unique password that is known only to the manufacturer. This port should never be exposed to the Internet.
  3. mDNS service (UDP port 5353): Provides the multi-cast Domain-Name Service (DNS) which makes it possible to access the device with a name of the form http://eGaugeNNN.local/. This should never be exposed to the Internet.

Outgoing Connections

eGauge has two outgoing connections it maintains:
  1. Proxy-server connection.
  2. Time-server connection.

Proxy-server connection

When an eGauge device is powered up, it connects to port 8082 of the server defined in the "Proxy-server hostname" setting under "Settings->General Settings". Normally, this is set to d.egauge.net. When connected to this server, the device will be listed as available at http://egauge.net/devices/. This connection then makes it possible to access the device from any point on the Internet. In essence, the proxy-server connection is a bridge to the web-service running on eGauge.

It is important to note here that the connection to the proxy-server is completely optional. It is convenient because it makes the eGauge device accessible from the Internet, so power production and consumption can be checked, e.g., when at work or when on travel. Also, the connection enables automatic monitoring of, say, a solar system's performance, such that a solar installer can automatically detect when something is wrong with the solar system.

If for any reason it is undesirable to maintain the proxy-server connection, "Proxy-server hostname" can be set to "0" (the number zero, without any quotes). Once this setting is saved and the device restarted, it will only be possible to connect to the eGauge device from the LAN. The device will not be visible from the Internet, unless the site's firewall rules are changed to allow direct access to the device's web-server.

Time-server connection

eGauge also maintains a connection to the time-server at:
north-america.pool.ntp.org
This connection is used to automatically maintain the proper time on the device. If eGauge is unable to connect to this service, it will still work properly. The only downside is that the date and time may need to be adjusted manually from time to time via "Settings->Date & Time".

HomePlug Security

The eGauge device uses a HomePlug 1.0-compatible link to transmit data to the installation site's LAN. The data on this link is encrypted with 56-bit Data Encryption Standard (DES). For simplicity, HomePlug devices, including eGauge, ship with a default encryption key of "HomePlug". This key can be changed on the eGauge device either through "Settings->HomePlug" (this feature is available starting with v0.82 of the firmware) or through a HomePlug setup-utility available from Netgear or Actiontec:
Even without changing the encryption-key, HomePlug data is fairly secure for two reasons:
  1. The HomePlug signal's reach is limited to about 100ft of wiring and does not extend beyond transformers. Thus, for most single-family homes, the HomePlug signal will be contained to within the home itself. This is in contrast to a wireless WiFi signal, for example, which usually can be picked up easily outside a home.
  2. Even if a neighbor could pick up the HomePlug signal, any traffic other than broadcast traffic is difficult to snoop on because the transmission-characteristics of power-lines is so poor that effectively communication between any pair of devices cannot be picked up by a third device. In other words, the worst that could happen in such a scenario is that the neighbor could pick up some broadcast traffic or could use your Internet connection for their own purposes.
In other words, for best security, we recommend changing the HomePlug encryption password, but even without doing so, most sites likely will be fine. Additional information can be found in a whitepaper provided by the HomePlug PowerLine Alliance:
HomePlug 1.0 Technology White Paper
Copyright © 2010-2012 | eGauge Systems LLC, Boulder, CO | Privacy Policy | Return Policy | Warranty | ARRA Statement