I don’t trust any network. Offtopic in this thread, but how can I trust devices in my network running on closed source software? Some of them have an old OS which isn’t patched anymore. How can I trust my neighborhood; they can capture the wireless traffic between my Homey and Hue?
What’s against more security, no mather if it’s local or public data traffic.
There’s nothing against more security, but local devices typically can’t support HTTPS when you have to access them through their IP-address.
If you want to access your Homey locally over HTTPS, you need to allow DNS rebinding in your local network, with which you open up your network for rebinding attacks. Otherwise, you can only access Homey through the cloud or over plain HTTP (and since your neighbours have cracked your WiFi that isn’t ideal either).
You’re right when it comes to DNS and signed certificates. I’m talking about selfsigned certificates and IP address usage to my Philips Hue. Except a man-in-the-middle attack, a selfsigned certificate encrypts the traffic between the two hosts. By capturing the WiFi traffic -and finding the WPA2 key- they still don’t have my Hue API key.
An extra security is to store the hue-host certificate as trusted to prevent M-i-t-M, but I think this is more related to Homey Core then this app.
Unless you allow DNS rebinding, local traffic to your Homey will also be unencrypted and capturing its WiFi traffic would probably pose a much bigger risk to your home.
To get back more on topic: I understand the usefulness of detecting offline nodes, but isn’t it bad if Zigbee bulbs go off power all the time? Won’t that mess up your mesh? Maybe most devices will find another route, but it sure won’t do response times any good when routers are disappearing and reappearing unexpectedly.
I think you should avoid powering off the devices as much as possible. Found more info (Zigbee V3) here: What Is Zigbee Wireless Mesh Networking? | Digi International
Off course it is better for the mesh to switch off the lights via Homey/HUE or programmable buttons in the home. In my case i replaced (almost) all my bulbs (25+) with HUE bulbs/Tadfri bulbs/Osram plugs/Hue plugs/zwave plugs. (i prefer to include Hue hub to have a dedicated app / keep integration with Apple home.
But we will keep using the physical switches as well, thus the need fro me to create a tool to sync HUE light state based on reachability.
I minimize this ‘risk’ of people turning off the lights physically by using flow cards to auto turn of lights based on time of day/ light level / duration being on / movements / some ip address presence (work laptop for office, ps4 for game room). And i’m thinking to add mb’s downloaded via de router as well. (if that is zero, everybody must certainly be asleep?)
Big thank you for this. I used it as a base to create a Homeyscript to copy what I did earlier in dzVents on Domoticz. Both to get the status of the ligths and also to turn of the lights if they are contiuously unreachable for set time period.
I posted and discussed the code here: topic
Bumping this thread since I have the exact same wish. Zigbee is a two way protocol…so I imagine that it would not be that hard to implement some kind of “ping” from Homey that checks if a mains powered device is “live” or disconnected from power and therefore from the zigbee network.
Just today I have replaced an old incandescent bulb in the shower outside our sauna to a IKEA Trådfri. The reason is that I want to be able to have the bulb dimmed when we are using the sauna (there is very dim light in the sauna and when you get out to take a cool shower a bright light is straining on the eyes and breaks the cosy feeling). I also want to have bright light in the shower for cleaning it and other situations when we are not using the sauna.
What complicates this is that the light in the shower and in the sauna is on the same wall switch, so turning off the shower light using Homey will keep the sauna light on. This means that I have to use the wall switch. Why not changing out the sauna light to a Trådfri to you ask? Well, Trådfri is only rated to +40° C…and that would not be much of a sauna would it? 
In general I feel that Homey lacks indicators for whether devices are “online” or if they have lost their connection to the network. Another example is sensors. I have a multitude of thermometers, light sensors etc using the 443 MHz protocol and there is no way to know if they are connected or not. The only indicator is to check when the last value was reported.
Since Homey only reports when values changes there is no way to know if the (say) temperature is 100% stable for an hour or if Homey have lost the communication with the sensor, maybe because the battery has gone flat. This annoys me immensely! I constantly wonder if the value in Homey is correct or if the sensor is sending in the blind to Homey. This about the sensor got a bit OT…so I think I will start a new thread about this. 
Maybe you can do something with HomeyScript:
AFAIK there’s no such thing in the Zigbee protocol. Looking at how availability works in a better alternative Zigbee controller implementation (zigbee2mqtt), it will simply mark a device unavailable if it hasn’t reported anything within a certain time frame (10 minutes for active devices, 25 hours for passive devices).
433Mhz devices aren’t connected. They just periodically send some data that Homey tries to pick up. That’s how those devices work.
Instead of a ‘THEN’ card, I’m trying to use this in an ‘AND’ card. But here is an extra parameter to be filled in: JSON formatted query parameter. Does anyone have experience what the content should be?
