Hello SunRay-Users, I am making a description of the Sun Ray technology for an internal brainstorm and want to clear up my understanding of certain subjects.
The idea is to evaluate how appropriate would it be to use Sun Rays in public kiosks working with money/bank cards, like bank ATMs, ticket vending or phone-service payment machines, etc. I'm just back from a trip to Germany, and the DB ticket kiosks are a really exciting piece of user-friendly information technology which can be implemented by terminals :) One problem is protection from physical break-in to the network which connects such kiosks with the session->application servers (i.e. installing "pirate" kiosks or ripping out a kiosk cable and using a hacker's laptop instead, etc.). AFAIK the Sun Ray DTU firmware is cryptographically signed. Does this mean that the server side (SRSS) will only trust those DTUs which have the Sun-provided firmware? In particular, is it true that no software emulator should be able to connect to SRSS? Is it also safe to trust the DTU's identifier (IEEE.MACADDRESS) in server-side software (scripts)? This would allow us to work only with DTUs that are registered (via utdesktop -a) and not known to be compromised and thus unregistered/blocked? How secure is the encryption in the server-DTU networking link? :) On the other matter, has anybody used bank-card readers and devices which "eat" coins and bank-notes with Sun Rays? Are there any with USB and/or serial interfaces, which can also be forwarded to SRSS and that are supported in Solaris/Linux backend server? Is their protocol secured by any means (i.e. to defend from a hacker's peripheral that provides an arbitrary monetary value)? If we were to make an ATM/ticket machine, our server side should be able to learn how much money has been input so far, and this value should be credible, to say the least... -- Best regards, Jim Klimov mailto:[EMAIL PROTECTED] _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
