Am I safe to leave it setup as such

Is means that anyone on the Internet can talk directly to it...so it depends on the products security, your password strength etc...

Thanks.

Thermostat can only be configured by Nest servers, it is not user configurable, has no web user interface. It is also linked by serial number to my Nest account so cannot be added to another.

I would therefore think fairly safe to be exposed to the internet unless someone advises otherwise?

Is it just me, or is giving Google control over our lives via IoT a slippery slope...where not even we can control their devices in our homes.... er, anyway, I digress. So, the risk is whether their device is secure - whether s flaw is found in the devices which allow 3rd parties to get at the data, control the unit or use it as a relay... No device can be guaranteed to be 100% secure - like Heartbleed with affected so much (or rather the flaw was present in so much; I'm not sure actual attacks caused much damage).

admin wrote: Is it just me, or is giving Google control over our lives via IoT a slippery slope...where not even we can control their devices in our homes.... er, anyway, I digress. So, the risk is whether their device is secure - whether s flaw is found in the devices which allow 3rd parties to get at the data, control the unit or use it as a relay... No device can be guaranteed to be 100% secure - like Heartbleed with affected so much (or rather the flaw was present in so much; I'm not sure actual attacks caused much damage).

Nope it's not just you. I try to avoid (as much as I can) transferring stuff into the cloud. That's, in part, why I like DrayTek devices; they're not bleeding edge so they don't have cloud connectivity and reporting and all that rubbish which I just consider an invasion of my privacy and a potential security risk.

As for the thermostat, if you know what servers are accessing the thermostat, I would consider setting up a firewall rule to allow traffic to and from the thermostat servers only.

I continued to have frequent but intermittent wi-fi disconnect problems. I'm fairly sure, despite what the Nest website says that the thermostat is the issue here not the Draytek's failure to adhere to correct wi-fi standards as I have no problems whatsoever with any other devices.

Finally seem to have cracked the problem using the following set of configuration tweaks. Probably not all required and channels probably changeable but these are the settings that have finally given me a stable connection so I wanted to share for other people that may have been driven mad by these issues!

1. Make Nest Active True DMZ (NAT-DMZ host)
2. Create SSID exclusively for Nest, do not use for any other devices (Wireless LAN-General setup)
3. Select 11n Only (2.4Ghz) & Channel 13, 2472Mhz (Wireless LAN-General setup)
4. Change security mode for the dedicated SSID to WPA2/PSK instead of mixed (Wireless LAN-Security)
5. Enable APDS Capable (Wireless LAN-WMM Configuration)

Takeo_Ischi wrote:

admin wrote: That's, in part, why I like DrayTek devices; they're not bleeding edge so they don't have cloud connectivity and reporting and all that rubbish which I just consider an invasion of my privacy and a potential security risk..

And not made by American or Chinese companies so those govenments can't make them put in secret back doors And most models not Linux, so they don't share code with 500 other vendor models ( Shellshock, Heartbleed etc...) so a hacker would have to target that model specifically to find a flaw - DRayTek engineers have to write their own bugs and vulnerabilities

On the Nest issue, glad it's sorted...might be worth removing the workarounds one by one to see which is key.