Honeywell WiFi Packet Captures

Data headed to the cloud

Do you see the problem?

TCP port 443 is reserved for HTTPS, which consists of HTTP tunneled over a secured SSL or TLS pipe. However, Honeywell uses something...else. We can plainly see there is no SSL/TLS handshake here, only what appears to be a request to the server and immediate response.

Data coming back from the cloud

Perhaps they hoped nobody would look if they used port 443.