Honeywell WiFi Packet Captures
Written 2016-08-02
Tags:Honeywell
Data headed to the cloud
Do you see the problem?
![defo_not_tls](https://c3.staticflickr.com/8/7665/28629688082_ea0fc79667.jpg)
TCP port 443 is reserved for HTTPS, which consists of HTTP tunneled over a secured SSL or TLS pipe. However, Honeywell uses something...else. We can plainly see there is no SSL/TLS handshake here, only what appears to be a request to the server and immediate response.
Data coming back from the cloud
![defo_not_tls2](https://c1.staticflickr.com/9/8651/28702833856_5fd1a350f6.jpg)
Perhaps they hoped nobody would look if they used port 443.