Announcement

Collapse
No announcement yet.

Security?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • logbuilder
    replied
    Is there a good reason why the plugin could not use TCP ports only? If we were talking hundreds of devices, I see the benefit of UDP. However, listening on ports unique to each device is not that much overhead given the number of devices that are normally supported by the PI.

    If everything was TCP, we could work towards some sort of encrypted messaging. Maybe not certificate based but otherwise adequate.

    Leave a comment:


  • reidfo
    replied
    Originally posted by logbuilder View Post
    ZoRaC does have a valid concern and I share that concern. I'd love to work on bringing some sort of secured sockets to the plugin. I'm no guru on SSL but seems to me that you can't do SSL on UDP ports, only TCP. Is that right? If so, that creates a real challenge.
    Correct, SSL (TLS really these days) requires a TCP connection. UDP is connectionless, so there is no way to secure it using TLS. In theory you could secure UDP communication using either pre-shared keys or a proprietary key exchange protocol and token, but that's a lot of work.

    I do echo the sentiments of others here that security needs to be top of mind in automation and IoT. Ignoring it because "who would want to control my xxxxx" or "it's on a LAN" is a flawed way of thinking. We've all heard stories of how companies and governments have been compromised by unsecured printers and thermostats. There are stories of DVRs being used as slaves in botnets. Security must be built into products and devices and should never be an afterthought or something for paranoid folks only. It's actually the people who don't know much about security who need it most!

    Leave a comment:


  • logbuilder
    replied
    ZoRaC does have a valid concern and I share that concern. I'd love to work on bringing some sort of secured sockets to the plugin. I'm no guru on SSL but seems to me that you can't do SSL on UDP ports, only TCP. Is that right? If so, that creates a real challenge.

    Leave a comment:


  • Archcantor
    replied
    You could always run an Arduino over USB and eliminate the network completely. Of course you have to use Wifi with NodeMCU but the other variants can be on USB.

    Leave a comment:


  • petez69
    replied
    Originally posted by ZoRaC View Post
    Ended up using TLS and authentication.



    I'm using wifi. All IoT in a separate VLAN already.



    Yeah, but that doesn't reveal how the plugin handles "invalid" data. Could I just pass along any command I want and the plugin will process it? Etc. And asking is a lot easier than sniffing and analyzing.
    Greig will have to answer the question of command set. Good luck and hope youbuse yhe plugin as it s great.

    Sent from my SM-N910G using Tapatalk

    Leave a comment:


  • ZoRaC
    replied
    Originally posted by petez69 View Post
    If you need security then you should select a product that uses secure authentication ie: PGP and encrypted packets. The Arduino doesn't really have the power to do this on the fly. Buy a dedicated solution like the ELK M1G, it uses a proprietary RS485 bus and that has crypto..
    Ended up using TLS and authentication.

    Originally posted by petez69 View Post
    Again if you are so concerned with packets being intercepted, lock the mac address down on the switch port and put your automation onto a seperate VLAN. Best security is an airgap, mixing devices on a network will never be secure. This beats any crypto if the network cant be gotten to
    I'm using wifi. All IoT in a separate VLAN already.

    Originally posted by petez69 View Post
    If you are truly concerned about security then you know your way around wireshark and would be sniffing the packets to assess the security.
    Yeah, but that doesn't reveal how the plugin handles "invalid" data. Could I just pass along any command I want and the plugin will process it? Etc. And asking is a lot easier than sniffing and analyzing.

    Leave a comment:


  • ZoRaC
    replied
    Originally posted by rprade View Post
    This would also be true for a Z-Net, Raspberry Pi, Ethernet to USB, Ethernet to serial, OWServer, GCIR, etc. I don't know of a single Ethernet connected device used with home automation that employs secure communications.
    I hear you and I think that's a fundamental problem in the IoT-world. Security is at the bottom of the feature list... I bet Mirai also thought that using the same password on all their products wouldn't be a problem - after all, the device will be connected to a customers LAN, where all is safe...

    Originally posted by rprade View Post
    I suppose the communications could be encrypted, but that might be a lot of overhead for an Arduino.
    That's what I ended up doing. TLS and authentication against JSON-interface of HS (a TLS-proxy between, as HS isn't exactly good at encryption either). Working great!


    Originally posted by rprade View Post
    I'm quite comfortable with my home network's isolation from the WAN with a separate firewall appliance. There are so many devices connected to my LAN, not just HomeSeer related, that can only rely on that isolation for security.
    Same here - separate VLAN for all IoT-devices, separated from other parts of the network and limited access to WAN.

    Originally posted by rprade View Post
    To be quite honest, I can't see someone with nefarious intent a) having access to my LAN or b) understanding the actual pin layout and functions of my Arduinos to the extent needed to do any harm.
    How do you define "access to your LAN"? If you mean sitting on the outside on a laptop, I agree. But what about your wifi doorbell? Wifi weatherstation? Wifi thermostat? Etc? We have no control of the security level of such devices. Maybe the doorbell could just send packets to the Arduino after seeing what packets HS sends to it?

    Originally posted by rprade View Post
    Are you sharing your local network with other people?
    Yes. Logitech, Nexmo, Fitbit, Canal Digital - just from the top of my head...

    Leave a comment:


  • petez69
    replied
    Originally posted by ZoRaC View Post
    Thanks! That probably made the decision for me, to not buy the plugin.

    If any device that is on the same network as the Arduino can send commands to the Arduino or send false statuses to Homeseer as if it was the Arduino, then that just isn't good enough for me...
    If you need security then you should select a product that uses secure authentication ie: PGP and encrypted packets. The Arduino doesn't really have the power to do this on the fly. Buy a dedicated solution like the ELK M1G, it uses a proprietary RS485 bus and that has crypto..

    Again if you are so concerned with packets being intercepted, lock the mac address down on the switch port and put your automation onto a seperate VLAN. Best security is an airgap, mixing devices on a network will never be secure. This beats any crypto if the network cant be gotten to

    If you are truly concerned about security then you know your way around wireshark and would be sniffing the packets to assess the security.

    Leave a comment:


  • rprade
    replied
    Originally posted by ZoRaC View Post
    Thanks! That probably made the decision for me, to not buy the plugin.

    If any device that is on the same network as the Arduino can send commands to the Arduino or send false statuses to Homeseer as if it was the Arduino, then that just isn't good enough for me...
    This would also be true for a Z-Net, Raspberry Pi, Ethernet to USB, Ethernet to serial, OWServer, GCIR, etc. I don't know of a single Ethernet connected device used with home automation that employs secure communications. I suppose the communications could be encrypted, but that might be a lot of overhead for an Arduino. I'm quite comfortable with my home network's isolation from the WAN with a separate firewall appliance. There are so many devices connected to my LAN, not just HomeSeer related, that can only rely on that isolation for security.

    To be quite honest, I can't see someone with nefarious intent a) having access to my LAN or b) understanding the actual pin layout and functions of my Arduinos to the extent needed to do any harm.

    Are you sharing your local network with other people?

    Leave a comment:


  • ZoRaC
    replied
    Originally posted by petez69 View Post
    There is no security. If there is a concern, put the HS box and Arduinos on a private v-lan...You can run wireshark and watch the commands from any PC that is connected to a port that can mirror to the HS switch port. The handshaking is straight forward when you watch it, equally you can look at the INO source code before compiling and you can see how it interacts with HS.

    Pete

    Thanks! That probably made the decision for me, to not buy the plugin.

    If any device that is on the same network as the Arduino can send commands to the Arduino or send false statuses to Homeseer as if it was the Arduino, then that just isn't good enough for me...

    Leave a comment:


  • petez69
    replied
    Originally posted by ZoRaC View Post
    When using Ethernet-mode, how is the communication between the Arduinos and the plugin secured? Thinking about both authentication and "commands" it receives/sends.
    There is no security. If there is a concern, put the HS box and Arduinos on a private v-lan...You can run wireshark and watch the commands from any PC that is connected to a port that can mirror to the HS switch port. The handshaking is straight forward when you watch it, equally you can look at the INO source code before compiling and you can see how it interacts with HS.

    Pete

    Leave a comment:


  • ZoRaC
    started a topic Security?

    Security?

    When using Ethernet-mode, how is the communication between the Arduinos and the plugin secured? Thinking about both authentication and "commands" it receives/sends.
Working...
X