Shop OBEX P1 Docs P2 Docs Learn Events
PINK Security Concerns — Parallax Forums

PINK Security Concerns

knightofoldcodeknightofoldcode Posts: 233
edited 2005-11-06 01:49 in General Discussion
Group,

I was wondering what kind of security the PINK has against "hackers".

For example, in the manual for the PINK it says that you can using a webpage form, change the variables on the PINK.

Does the PINK verify that the form is coming from that PINK, or does it just accept the change of the variable by any form from any server?

Knight.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-
This message transmitted with 100% recycled electrons.
-=-=-=-=-=-
Gravity doesn't exist. The Earth sucks.
-=-=-=-=-=-
Make a man a fire, and he will be warm for the night.
Light the man on fire, and he will be warm for the rest of his life.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-

Comments

  • Ryan ClarkeRyan Clarke Posts: 738
    edited 2005-11-05 03:14
    The manual also says that you can protect certain pages, including the variable update page. You can also use what ever your protection scheme is from your router/firewall to limit traffic to the IP that the PINK is on (that is up to you)-

    I will also tell you this, we are already working on a firmware update that allows SSH (and certs!).

    Ryan

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Ryan Clarke
    Parallax Tech Support

    RClarke@Parallax.com
  • Robert KubichekRobert Kubichek Posts: 343
    edited 2005-11-05 03:33
    Ryan Clarke (Parallax) said...
    The manual also says that you can protect certain pages, including the variable update page. You can also use what ever your protection scheme is from your router/firewall to limit traffic to the IP that the PINK is on (that is up to you)-

    I will also tell you this, we are already working on a firmware update that allows SSH (and certs!).

    Ryan

    Ya know, it would great to have the option of storage that is removeable. Then a user can tailor storage capacity to suit the need.yeah.gif
    Can you imagine a 4 gig microdrive in compact flash format? turn.gif
    It would be nice to have a HARD jumper to lock out writes to storage, that would end up making storage read only, it would add protection .roll.gif
    Can you imagine using PINK as a low power website??? turn.gif
    It also would be very small in size.. smilewinkgrin.gif


    Bob N9LVU scool.gif
  • Ryan ClarkeRyan Clarke Posts: 738
    edited 2005-11-05 05:50
    Yes, but keep it in perspective. This wasn't meant as a full blown webserver, it is designed as a device for ether enabling devices. (Not that it *can't* be used in the other capacities, it's just not the right tool for that type of job in general- that's what Apache is for [noparse];)[/noparse]

    Ryan

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Ryan Clarke
    Parallax Tech Support

    RClarke@Parallax.com
  • knightofoldcodeknightofoldcode Posts: 233
    edited 2005-11-05 07:02
    Hrmmm.... SSH might be interesting, but it wouldn't be of much use to me, I already have VPN to all locations that I would have a PINK at, however, it's pretty slick, nonetheless!

    I didn't think about using a .htaccess (or equivalent) for the update page, and that should deal with the security question. [noparse];)[/noparse]

    Knight.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-
    This message transmitted with 100% recycled electrons.
    -=-=-=-=-=-
    Gravity doesn't exist. The Earth sucks.
    -=-=-=-=-=-
    Make a man a fire, and he will be warm for the night.
    Light the man on fire, and he will be warm for the rest of his life.
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-
  • Ryan ClarkeRyan Clarke Posts: 738
    edited 2005-11-05 07:16
    That structure (using the apache .htaccess file) won't work on the PINK modules.

    Ryan

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Ryan Clarke
    Parallax Tech Support

    RClarke@Parallax.com
  • LoopyBytelooseLoopyByteloose Posts: 12,537
    edited 2005-11-05 11:33
    Forgive me, but is PINK the new Parallax Internet Connection Device?

    Some people don't know that it is just being made available. And some of us are just plain bad guessers.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    "When all think alike, no one is thinking very much.' - Walter Lippmann (1889-1974)

    ······································································ Warm regards,····· G. Herzog [noparse][[/noparse]·黃鶴 ]·in Taiwan
  • kb2hapkb2hap Posts: 218
    edited 2005-11-05 14:41
    Thats correct!

    (Announcement)

    http://forums.parallax.com/showthread.php?p=556447

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    DTQ
  • Ryan ClarkeRyan Clarke Posts: 738
    edited 2005-11-05 17:17
    PINK:

    (P)arallax (I)nternet (N)etburner (K)it

    Email announcements, forums announcements and such have already gone out...

    Ryan

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Ryan Clarke
    Parallax Tech Support

    RClarke@Parallax.com
  • knightofoldcodeknightofoldcode Posts: 233
    edited 2005-11-05 22:24
    Ryan Clarke (Parallax) said...
    That structure (using the apache .htaccess file) won't work on the PINK modules.

    Ryan


    Hence the equivalent bit. [noparse];)[/noparse]

    Knight.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-
    This message transmitted with 100% recycled electrons.
    -=-=-=-=-=-
    Gravity doesn't exist. The Earth sucks.
    -=-=-=-=-=-
    Make a man a fire, and he will be warm for the night.
    Light the man on fire, and he will be warm for the rest of his life.
    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-
  • Ryan ClarkeRyan Clarke Posts: 738
    edited 2005-11-06 01:49
    Yes, Knightofoldcode- point of interest, we considered using that same method -

    Ryan

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Ryan Clarke
    Parallax Tech Support

    RClarke@Parallax.com
Sign In or Register to comment.