Xipiter has a great write-up on how they hacked the MiCasaVerde Vera quickly and easily:
This is a good illustration how the funky remote access methods for Vera got them into trouble. They would be better served with the API keys & calls other IoT hubs have been focused on. If you are running a Vera, it may be worth investigating offline mode until there is some confirmation that the remote access is possible or not.