WINK Hub update gone wrong!


(Edward Pope) #1

I thought those of us here who came from Wink or maybe who still have one should know the following.

Bad Software update bricks Wink Hub

This is why I am ok that Smarthings takes their time with v2 and updates that are critical to our infrastructure of HA.


#2

Wow. They took out every hub in their network AND some can’t be restarted and will have to be replaced? AND they’re pulling the hubs from retailers until they have a fix? Just wow. HTH did that get past testing?

One of the problems with cloud services is you have to test from a remote location before release. If you only test within a LAN, you miss a lot of stuff.
:zap:️:fire:

Is it too obvious to think home automation companies should have a fixed set of 10 to 15 scenarios they should run every time before releasing an update? You know: add a new account, add/remove a new primary device for an existing account, add/remove a new child device to a bridge, reconfigure a scene/button controller, cross a geofence and trigger a mode change, setup a schedule, change an existing schedule, etc.

It wouldn’t catch everything, but it’s a lot better than just testing what’s new. :see_no_evil:

Edited to add, CNET has more details, including this quote from Wink:

To cut to the chase: We need your Wink Hub back. We’ll update it and get it back to you within a few days. We’ve done all we can to make the process as simple as possible – Just click here.

We’re terribly embarrassed by this whole situation. This outage was completely preventable and caused by a security measure that was put in place to protect you and your family. Unfortunately we failed to make an update to a security measure that was expiring, and therefore locked down your Hub’s access to the server.


(Bernie H) #3

I beta test both software and hardware as a hobby. It’s amazing some of the stuff I have gotten and how bad it is first round. I 've tested products that both the hardware and software were completely unusable and I’ve seen products put off testing for months til they felt it was usable and ready to be picked apart.

Amazing once you put stuff in peoples hands the issues we can find in daily use that companies miss or just don’t think of. Best part is I get to test stuff before it comes out and sometimes before anyone even has heard about it and I get to improve it for everyone.


(Convinced ST will never be unbroken…) #4

Heh, heh. I may be jumping to conclusions, but as someone who’s spent a decade in QA, I don’t think a lot of testing is going on. I think “ship it then fix it” is becoming far more prevalent today then in years past.


#5

It looks like this may have been a date-based problem (access codes expiring), so any update would have triggered it. In which it was a maintenance failure, not a testing failure. Quirky, indeed!


(Bernie H) #6

I was thinking date also. Sometimes when testing I throw the clock forward just to look for that kind of issue but one never knows, and how far forward would have caught it? You can’t catch everything.


(Bernie H) #7

I tested an app recently. It wouldn’t install on my phone. after pulling logs and working with support we found out even though it had a unique identifier generated for the app that it just happen not to be unique. It was conflicting with my energy company app.

So if you happen to live in my half of the state, bought this new to the market piece and have one of either apps installed then the other cannot be installed. So quite a rare possibility and hard for the average joe and tech support to troubleshoot. When I told beta support I could ADB a system log they were jumping for joy and I scanned the log and found the issue in less then a minute. They generated a new identifier and all is well. :slight_smile:


#8

Oh, sure, there are lots of edge cases you don’t find until 100,000 people are using it. (I used to work for IBM.)

But Quirky, in particular, has a reputation for shipping stuff that simply doesn’t work in ordinary use. Even to national reviewers:

I’m not convinced that Wink is ready for primetime. Product after product, we’ve come away with the same complaint: glitchy software.


(Andrew Cockburn) #9

As an apology they gave Hub customers a $50 coupon code - I decided to get a Schlage lock to use with ST until I found out the coupon doesn’t actually work …


(Christopher Masiello) #10

On the bright side - the hubs are only slightly worse than they were before they were bricked.
I had a few “fabulous” Wink/Quirky products in the past. They’re kinda broken right out of the box, so…


#11

Uh oh…I thought you were joking, but the coupon code really did break, too, according to the official site:

The discount promo code isn’t working for me. What should I do?

Unfortunately the promo code was abused and had to be shut off. We’ll email you a new individual promo code 24-48 hours after completing this form…


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #12

Just when I was tempted to get a Wink Hub in order to get it bricked and earn the coupon…


(Ron S) #13

Shoot… I had returned my wink hub several months back… Could have earned a 50 bucks coupon!!! Else I wouldn’t even touch that thing with a stick! :wink:


(Kristopher Kubicki) #14

The root cause loaoked like it was a security certificate that expired. Pretty insane. I would hate to be in that finger pointing meeting. It does look like they were able to fix the issue as of 4/19.

Quirky was already subsidizing their hubs at a huge loss just to get market share. I think once they figured out they could fix it remotely they just cut off the promo code to stop the unnecessary bleeding. All in all, pretty nuts.


(Chuckles) #15

It gets better - they now have a fix for their expired certificate - get the user to change the DNS setting in their router; the Wink hub then talks to a “special” server which is then able to update the hub’s firmware.

So - a certificate security feature (expiration date) can be circumvented via a DNS hijacking…

My first guess: the Wink hubs are hard coded to use a specific NTP source and they’re diddling the date (via a dummy NTP server pointed to by their DNS server) to temporarily “re-validate” the cert.


(Andrew Cockburn) #16

That would be a total hack, but stranger things have happened :smile:

In other news, I got my personalized code, good for $50.


(Geko) #17

It appears that the code can only be applied to a single item, i.e. you cannot apply it to several items totaling $50. I was going to get two GE Link starter kits for 24.99 each but it would only give me discount for 24.99.


#18

I have 3 GE Link Connected LED bulbs and they seem to work just fine as ZigBee devices with my SmartThings hub. So even if Wink has problems, shouldn’t the devices be ok with SmartThings?


((Possibly not the Matt you're looking for)) #19

If I were SmartThings, I’d be doing a Google AdWords buy on the query “Wink bricked”.

Take your time with v.2, folks.


#20

And here it is a WEEK later, and despite multiple calls to Wink’s help desk, I STILL HAVE NOT RECEIVED THE RETURN BOX!

back goes the bulbs AND the thermostat !

at least x10 worked!