Hi.

The problem these days is not only if something is exposed to the WWW, but even if it can only be "seen" by other nodes on the same LAN. Such as the main shack PC, that probably can reach out to the WWW. Once "something" gets into that PC (or your IoT lightbulbs!) it can at its leisure scan your shack (and/or home) LAN, looking for other nodes/devices to poke at later, after "phoning home" with the details of what it found.

You all have got your dumb IoT devices (including TVs and PVRs) on a segregated VLAN, haven't you? No! You have work to do then!

Also, irrespective of the OS used, one way to reduce the chance of user induced mayhem is to boot from a (protected) read only medium, copy the OS to RAM (for speed) and use another SD card as persistent storage, with an option during the initial boot (if, for example, some combination of keys are held down) to load the default settings into the "user" area, as an easy "Factory Reset" feature. Then, whatever the user does, when (not if) they muck it up, there is an easy get out of jail free card.

As to the network security issue, the only "secure" network device is disconnected, powered off and in a sealed & screened box! Period. What may be regarded as secure "now", in six weeks' time could be hacked to hell and back by script kiddies all over the world. In truth, currently, the bad types have the upper hand.

Sadly (as with any OS) a continual surveillance of the ecostructure is needed, and the inevitable updates. There are many ways to do that of course, some easier, and some more "secure" than others. Security and convenience are mutually exclusive, sadly. (In the case of a RO boot medium, a switch would need to be flipped to allow a (once verified) image to be flashed onto it, one time, said switch auto resetting once programmed.) Or another card shipped in by post, and that's not as secure as you might think either!

Regarding legitimate use of a LAN/WAN connection. One would hope(?) that at the bare minimum:-

- The radio control firmware is not run as root.
- Incoming ssh requests are ignored/blocked.
- In the case ssh connections are allowed, root login by ssh is blocked, and only pre authorised (by certificate) user(s) are allowed in (Elecraft themselves for example.)
- The use of su and sudo are blocked if anyone does get to a command line as "a user".
- Also browsing the OS software/settings folders is blocked, should the firmware die, leaving the user at a command line.

Have the radio "reach out" to Elecraft central when needed using OpenVPN (for example, using the current state of the art security model) to check for updates (user initiated) or for Elecraft to remote admin, after telling the user how to initiate that feature.

Any such automatic updates are "staged" within the rig, until they can be verified as complete, uncorrupted and genuine, before being applied.

Any custom daemon software intended for legitimate remote control/interface use should be written in such a way that any corrupt or unknown commands (and/or parameters) are ignored, not even returning any error code to the initiator. Greatly reducing the ability of it to be "fuzzed" for vulnerabilities. Also, .

Similarly, any code created to allow the radio to control accessories via the LAN port (PAs, ATUs etc) should be created with security in mind. Such command & communication links should be encrypted, so only the intended endpoints can see/use the data. ESPECIALLY in the case that such links traverse the public internet... (A licence requirement here in the UK by the way!)

Any built in Digimode software (PSK, RTTY, CW, JT modes etc) should also be run in a VM, within the radio. Hopefully preventing any possible remote takeover issues via that route! (None that I know of at this time, but ...)

~ ~ ~

Trouble with all the above is, it takes *a lot of time and effort* by the equipment makers to do, and do right, plus the testing of it all, or contracting in some qualified penetration-testing types to test it all for you. And that costs money. That, and capable hardware to do all that, is also not exactly low cost (but is getting lower in cost.)

Also, all the above is not unique to Linux, *all OS's* have their issues, just that some are better (or worse) than others.

Effective Security is difficult to make user proof. Educate the users first.

If nothing else, listen to the "Security Now" podcasts by your countrymen. https://twit.tv/sn (Another episode later today.) Entertaining, and you might get an appreciation of just how much mayhem is going on out there right now.

Happy Days!

Dave B G0WBX.

(I have learnt much of the above the hard way, by digging friends and family, and some work colleagues, out of the mire induced by a lack of knowledge of how to stay safe on-line, and from the Security Now podcasts.)

--
Created on and sent from a Unix like PC running and using free and open source software:

______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[email protected]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
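The post's point about a control daemon ignoring corrupt or unknown commands without returning any error can be sketched as follows. This is an added example, not part of the original post or any vendor's code; the command names, parameter ranges, length limit and the `OK` acknowledgement are assumptions made for illustration.

```python
import re

# Hypothetical command set for illustration; not any real radio's protocol.
# Each entry maps a command name to a validator for its single parameter.
ALLOWED = {
    "FREQ": lambda p: p.isdigit() and 1_800_000 <= int(p) <= 54_000_000,
    "MODE": lambda p: p in {"CW", "USB", "LSB", "RTTY"},
    "PWR": lambda p: p.isdigit() and 0 <= int(p) <= 100,
}
# Strict grammar: NAME, one space, PARAM. Nothing else is accepted.
LINE_RE = re.compile(rb"([A-Z]{2,8}) ([A-Z0-9]{1,12})")
MAX_LINE = 32  # assumed limit; longer input is dropped before any parsing


def parse_command(raw: bytes):
    """Return (name, param) for a valid command, else None. Never raises."""
    if len(raw) > MAX_LINE:
        return None
    m = LINE_RE.fullmatch(raw.rstrip(b"\r\n"))
    if m is None:
        return None
    name, param = m.group(1).decode("ascii"), m.group(2).decode("ascii")
    check = ALLOWED.get(name)
    if check is None or not check(param):
        return None
    return name, param


def handle(raw: bytes, state: dict) -> bytes:
    """Apply a valid command and acknowledge it; send nothing otherwise."""
    cmd = parse_command(raw)
    if cmd is None:
        # Count the drop locally for monitoring, but tell the sender nothing.
        state["dropped"] = state.get("dropped", 0) + 1
        return b""
    state[cmd[0]] = cmd[1]
    return b"OK\n"
```

Unknown commands, out-of-range parameters and malformed input all produce the same empty reply, while the local drop counter still gives the owner something to alert on.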
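The ssh items in the post's "bare minimum" list (no root login, only pre authorised users admitted by certificate) can be checked against a device's effective sshd settings. This is an added example, not from the original post; it assumes input in the `keyword value` form that `sshd -T` prints, and the sample configurations, CA key path and account name are constructed.

```python
# Expectations taken from the post's list; values are compared lower-cased.
REQUIRED = {
    "permitrootlogin": lambda v: v == ["no"],
    "passwordauthentication": lambda v: v == ["no"],
    # A user CA must be configured for certificate-based logins.
    "trustedusercakeys": lambda v: bool(v) and v != ["none"],
    # An explicit allow-list of accounts must exist.
    "allowusers": lambda v: bool(v),
}


def effective_settings(text: str) -> dict:
    """Parse 'keyword value' lines into {keyword: [values]}."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition(" ")
        settings.setdefault(key.lower(), []).append(value.strip())
    return settings


def audit(text: str) -> list:
    """Return the sorted keywords whose setting fails the expectation."""
    found = effective_settings(text)
    failures = []
    for key, ok in REQUIRED.items():
        values = [v.lower() for v in found.get(key, [])]
        # A missing keyword counts as a failure rather than trusting defaults.
        if not ok(values):
            failures.append(key)
    return sorted(failures)


# Constructed sample inputs, not captured from any real device.
WEAK = "permitrootlogin yes\npasswordauthentication yes\ntrustedusercakeys none\n"
HARDENED = (
    "permitrootlogin no\n"
    "passwordauthentication no\n"
    "trustedusercakeys /etc/ssh/user_ca.pub\n"
    "allowusers vendor-support\n"
)

if __name__ == "__main__":
    print("weak:", audit(WEAK))
    print("hardened:", audit(HARDENED))
```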

