Technology Posts

Posted By

As you know, we take security very seriously at Alarm Grid. Both home and internet security. So we wanted to speak on the Heartbleed vulnerability the Internet has been buzzing about since yesterday.

For those of you that are unaware, Heartbleed is the codename of a serious bug that was exposed in OpenSSL, a popular implementation of the SSL protocol. SSL is the security protocol that secure sites, like e-commerce stores, use to make sure your information is encrypted as you go to make purchased and give sensitive information.

Like most of the Internet, Alarm Grid's servers do use OpenSSL and thus we were susceptible to this bug. We have already fixed the issue in less than 24 hours of notice by patching our servers and replacing our SSL certificates.

Though, there is a hypothetical chance that your password on Alarm Grid could have been compromised. There is zero evidence that it has been, but as a precautionary method we recommend you change your password on Alarm Grid and any site you have used in the last two years. Yes, that's how long this bug has been present, even though it was just discovered yesterday.

It's important to note that we are fully PCI-compliant and do NOT store your credit card information, so there is no chance that your credit card information could have been compromised from our site. We also do not store any passwords or codes from your home security system. So luckily, there is very little risk to you as an Alarm Grid customer.

Please, make sure you change your password everywhere on the Internet and hope the sites you frequent are as crazy about security as we are!

Tags:

Comments


Posted By

We're proud to announce a brand new alarm monitoring checkout here at Alarm Grid. Before we go into the details of our fancy new system, let's go over a quick little history of the old checkout.

We love our e-commerce software, Spree - perhaps more than people should love any software. It let us launch and grow incredibly quickly, all while be very flexible. Maybe a little too flexible to the point of letting us building build original monitoring checkout in it.

Spree was designed for purchasing and shipping physical products. It's amazing for people looking to buy security systems from us. It's helped us tackle complex e-commerce problems like taxation zones, fulfillment, shipping, handling of RMAs and many other things that don't apply to a service like monitoring.

But for our users looking to sign up for alarm monitoring? It was a little silly to have them adding a "Monitoring Plus" product to their shopping cart and going through a whole multi-step checkout process.

Plus it meant you had to pay for your first month of monitoring before we even had you activated. That always bothered us and was one of the primary driving factors behind the new system.

Now? We're proud to announce a single-page checkout for Alarm Monitoring. But beyond that, it has plenty of tricks and features up its sleeve!

For instance, now if you have an account with us and previously purchased equipment we'll automatically fill in your address for you.

And if you're a security enthusiast like us? We're porud to announce our credit card system is powered by Stripe.js. That means your credit card information never even gets sent to us or stored by us.

Perhaps the biggest change? Our new activation setup page. After you complete your checkout you'll be taken to an activation page you can always return until activation under "My Account."

This amazing page is loaded with information for you and let's you send information to your alarm technician before your activation, saving both of us a ton of time.

So please, direct any and all comments and suggestions about the new monitoring checkout in the comments below. We'd love to hear your thoughts.

Tags: ,

Comments


Posted By

We're proud to announce the first of many Alarm Grid new features coming in the next fews months: you can now update your credit card used for your monthly monitoring directly on your account page.

After logging in, simply click on "My Account" in the top right corner. Under monitoring locations, you should see an "Update Card" button next to each of the locations.

Once you click "Update Card," you will be taken to a page that will allow you to update your card directly with our merchant processor, Stripe.

Now, the next time we try to bill you, your new card will be used. If you previously had a card that failed, we'll try and bill you in the next few days using this new card. No need to call our technicians anymore!

And for the tech savvy amongst you, the coolest part of this new feature? The security! Your credit card will get transmitted securely to Stripe and never even get submitted to our server thanks to that little pop-up.

Alarm Grid never stores your credit cards in our database and we'll always do our best to protect you, both online and offline.

If you have any problems with this new feature, please let us know. We have lots of exciting things coming!

Tags: ,

Comments


Posted By

Now that Honeywell has finally made Total Connect home automation control available for Tuxedo Touch keypads, people with existing VISTA Series alarm systems can finally take full advantage of all of the great features Total Connect has to offer. In the past, only the LYNX Touch wireless security system supported remote home automation control through Total Connect. If you had a VISTA system, you could add a Tuxedo Touch or Tuxedo Touch WIFI if you wanted to use Z-Wave home automation devices in your home, but if you wanted to remotely control those devices, you had to setup complicated port forwarding. Unless you were knowledgeable about networks and router setup, you were left controlling your home's Z-Wave lights, Z-Wave locks and Z-Wave thermostats just from your Tuxedo screens.

Thankfully, Honeywell has finally released the long-awaited software update for all existing Tuxedo Touch WIFI units. If you go to the Tuxedo Touch Toolkit website, you will find the software update and steps on how to run the update for your Tuxedo Touch WIFI controller. With the new software downloaded and installed on your Tuxedo Touch WIFI, your Tuxedo Touch WIFI will work better locally even if you don't choose to sign up for the Remote Home Automation monitoring service.

You can now have Z-Wave scenes activated by a security system alarm, a security system event or even a specific zone status change. You can also setup Z-Wave lights to activate and then run for a programmed length of time. You can even program your lights to turn on at sunset and off at sunrise.

Of course, the real advantage of the new software update is the ability to control your Tuxedo Touch WIFI using your Total Connect interactive account. Once you setup your remote home automation control on your Total Connect account, you will have full access to your smart home for remote system control and notifications.

Unfortunately, as non-WIFI Tuxedo Touch keypads use a different operating system and circuit board, the software update will not work on those devices. If you have one of the non-WIFI Tuxedos and you want to get Total Connect home automation control, you will need to purchase a new Tuxedo Touch or Tuxedo Touch WIFI.

Please call us if you are interested in adding the remote home automation feature to your Alarm Grid monitoring service.

Tags: , , ,

Comments


Posted By

Hi guys and welcome to our first technology post.  As head of development, I'll be going over some of the cooler and more unique stuff we're doing at Alarm Grid.

Today I want to address a very serious concern, and a very appropriate one for an alarm monitoring company: security.

By now, I'm sure most of you know what SSL (Transport Layer Security / Secure Sockets Layer) websites are.  You know, the ones that start with https:// and have a pretty little green box in the address bar.


You'll generally notice these, or at least look out for them, when you're doing something that should involve privacy.  You know, like checking out from an e-commerce store (wait, you go to store other than Alarm Grid!?) or logging in to your favorite social network

But have you ever noticed some sites like Facebook and Google make the entire site SSL?  If so, ever wonder why?

It's because of a nasty little thing called session hacking.  That's when you're logged into a site and a user can steal your cookie and suddenly be logged in as you without ever even typing in your password!

I know what you're thinking.  It's what we all think when it comes to hacking.  Pff, that only happens to other people. 

Well, you'd be suprised how easy it is and how out of your hands it is.  Have you ever logged in to a non-full SSL site at a coffee shop?  Then you're vulnerable.   

There's actually applications out there any one of you, no matter how little of a tech background you have, could use to session hack.  (Google it.  Just don't tell them I sent you.)

Even if you login to a secure part of the site and go to a single non-secure part of the website, that cookie (unless they specify it's only for secure pages) is likely out in the open.  Suddenly, you just gave a hacker access to that site as you!

That's why Alarm Grid we decided to make the entire site SSL secure throughout the whole page from day one.  Just try finding an insecure page.  We dare you.

So why don't other companies?  Generally, because it's complicated and expensive. But we take your security seriously.  Both your home's and your identity's.

If you have any questions for me, please ask me below in the comments!  

Tags:

Comments