you'd need to create a "fake" wireless network for it to connect to get to the internet. Then something like wireshark would probably work. However you'll then have to try and understand the data formats (if its not encrypted). Maybe it should be encrypted, however I am not sure how sensitive the data realistically is.

@batalto - that sort of makes sense (to me, I am rather out of my depth here, definitely not a wifi expert, and the jargon does my head in, despite reading up on the subject). The idea came about because I have seen NMEA navigational data (output from a GPS) sent over wifi, and there is software that can display the NMEA sentences in real time, so you can see the live speed/course over the ground etc data. The idea is to have something similar going on for the Midea data, and then write that data to a file and open it in Excel. I'm guessing, but I think the data might look something like this:

[some variety of datetime stamp] LWT RWT PI CAP etc etc and with a bit of detective work we could work out what is what. 

The fact the laptop can connect to the Midea controller seems to suggest to me that a 'fake' wireless network has been set up. I don't think the data will be encrypted, the Midea app bleated about it not being secure, and why would Midea encrypt what is basically a string of numbers containing temperatures and flows etc. It is not easy to see how that data could be used by criminals (which is very different to the giving Midea my home wifi password, which is where I bailed out with the Midea app).

I suppose another potential problem might be that the controller needs the server to tell it to send the data, ie it doesn't just broadcast it anyway, and then the server somehow connects and collects the data. This is where I get confused. A browser requests a web page: it says get what is on this URL/IP address. But a wifi hotspot/access point broadcasts data - as in the NMEA example - but in that example the software needs to connect to the wifi signal that contains the NMEA data, but isn't that what the laptop - Midea controller achieves? By putting the Midea password into the laptop Midea wifi connection, we are saying it is OK for the laptop to receive that data?

I agree the data quality needs to be checked, assuming we can get at it. Some brief sanity checks shouldn't be to hard eg LWT/RWT checked against pipe temps, PI (current flow) CAP (capacity ie output) against meter readings etc. If it all stacks up, we could have real time and historical performance including COP data at our fingertips. We could also see how the weather comp actually works. Lots of potentially useful things...  

@cathoderay if you wanted to know if the server calls for the data, use your laptop as a middle man and scan the traffic going to and from the controller. I imagine there is some kind of login security handshake for the midea servers - I doubt its just an open door.

@batalto - OK, thanks for the leads/suggestions, I'll see what I can find out. I guess Wireshark may be a good place to start. I just hope I don't disappear down a dark web rabbit hole...

You could just install a kit to measure the output? Like the open energy monitor. Or install a second network only for the midea? Might be quicker and cheaper?

I think the laptop/Midea controller wifi connection is a second network, insofar as it is two devices connected to each other. Need to make use of the fair weather we've got at the moment, will try Wireshark when I have a moment.

Posted by: @cathoderay

The Midea controller sends data over wifi to its servers, and it seems it may be unencrypted. Midea controller => home wifi => internet => Midea servers. I have a wifi on a laptop which can connect to the Midea controller, it can see the Midea SSID, and connects when I enter the Midea password. This isn't possible via the home wifi, as the internet bit of the wifi router, which the Midea controller uses, doesn't allow connections between the local wired (ethernet) computer and the Midea data. Does anyone know of a way to intercept the data on the laptop? I'm thinking maybe something like Wireshark? It would be extremely useful to have access to the data on a local PC, and be able to examine it on a spreadsheet.

Sorry I've taken so long to give some kind of answer here. I don't know anything about the Midea controller, so everything I'm going to mention is pure networking, but it should cover a lot of what you want anyway.

Wireshark is a packet sniffer and will pick up whatever your laptop's network interfaces can see. By default, the laptop's wireless network card will only examine network packets either going to/from itself or those being broadcast over the whole network. In order for it to examine packets on the WiFi network that have a specific source and destination that isn't your laptop, you would need to put the laptop network card into what is known as promiscuous mode, and that's where the big problem lies.

I won't say it's impossible to run a network card in promiscuous mode under Microsoft Windows, but to all practical intents and purposes it might just as well be. When we read about insecure public WiFi and people's data being read covertly, it's being done using packet sniffers running on other operating systems such as Linux. Therefore, if your laptop is Linux, then Wireshark will give you just what you want. If it's Microsoft, it won't.

Packet sniffing wired connections is rather more straightforward, but it still relies on the packets actually being seen by your laptop. Therefore, if you had a setup whereby your WiFi access point and your router were not the same box, you could theoretically connect your laptop to the wired network between the two and see any traffic coming from the Midea to the Internet or vice versa. Even then, the access point and your laptop would need to be plugged into a common network hub rather than switch in order that your laptop's network card could see those packets.

I would suggest the most cost effective alternative you have - assuming you're not running Linux on your laptop - is to get yourself a Raspberry Pi with a suitable wireless adapter and install Wireshark on that. There are a number of different articles on t'Interweb about how to set this up, but fairly obviously whilst some are legitimate others are focusing on hacking so I'm not going to post an example link in case I don't review well enough and accidentally pick a nefarious one.

Hope that helps

@majordennisbloodnok - thanks, that is all very helpful. The laptop normally runs Windows, but I might be able to run Linux from a USB stick, and start the ball rolling that way. Like you, I am conscious of the fact that I will be skirting round the edges of the d@rk web, even though what I hope to be able to do is entirely legitamate, and only involves accessing my data from my heat pump. I will update here when I have some news (which won't be overnight...).

@cathoderay, don’t worry. The tools aren’t illegal and anything you do with your data on your network is up to you. You’re in no way skirting round legitimacy even if some of the web pages you may stumble across might be less than scrupulous.