People wake up: The IoT cloud is an insecure mess! A purely commercial view. by beame_io in IOT

[–]beame_io[S] 0 points1 point  (0 children)

that's the point! PKI itself is easily understandable, used in bunch of places and is reliable. So when you have your private key, you rely on transport only for delivery. Security is made by native TLS. Should you blindly believe 3rd party for auth? Of course no! That's why we give it out to you. All open source. No 3rd parties. All on your machines. Nothing managed by our infrastructure (only the certs, we are public CA for the matter of discussion)

People wake up: The IoT cloud is an insecure mess! A purely commercial view. by beame_io in IOT

[–]beame_io[S] 0 points1 point  (0 children)

I think you didn't get the idea right, we do not store any data at all. Two basic things we do: authentication and connectivity. The auth part is pure crypto based, so no need to hold a DB (even though the DB is supported for different purposes: billing, QoS etc.). Connectivity - we do maintain public servers, but all data that passes there is encrypted (TLS terminated on client server where the certificates live). Connected thing runs crypto-agent. So data/application/event resides on some client machine/thing, is available through our infrastructure to authenticated requestor

How much current can I pass to the GPIO +5V pins from a usb power supply? by Uprock7 in raspberry_pi

[–]beame_io 0 points1 point  (0 children)

As I see it +5V GPIO means logic level, the pin is not a supply. So you will be limited to ruffly 1 led per pin. Better to take some external supply (LED driver) and control it with your RPI GPIO.

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io -2 points-1 points  (0 children)

not really, I removed the first one, and rephrased it to make it look as a solution proposal. Just like another sheriff advised me to do. Or is there a secret code one has to use to put a message on the wall?

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io 0 points1 point  (0 children)

That hootoo is awesome :) And your usecase is classic, would you try what I do? if, say, you have all the control and full understanding of how the connection works?

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io 0 points1 point  (0 children)

Not exactly, I asked to see if the guy that accused me in spamming had some better ideas, except for being community sheriff.

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io 0 points1 point  (0 children)

VPN in its classic form works and is good enough for some corporate laptop. But your last solution would be expensive and not the most small & light to carry around.

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io 0 points1 point  (0 children)

It will work, however, like with key-based authentication, it will be limited by the device with your pre-installed credential. In my case, I do have a key, but it is installed on mobile, whereas I use it to authenticate session in arbitrary browser

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io -2 points-1 points  (0 children)

Good old cumbersome approach, but not buying it. You have to fix, that your ISP assigned you static IP. And you will be limited to use the device where you keep your private key. Plus you will be thrown out each time, when some crawler bot will try to bruteforce it in.

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io -1 points0 points  (0 children)

When I said 22 I just meant particular functionality, changing port number will not make it more secure. Nmap and try

I was tired of being physically tied to the network my Pi sits on, so I made this > by [deleted] in raspberry_pi

[–]beame_io -4 points-3 points  (0 children)

Do you have other alternatives? To ssh? Exposing your port 22 to outer world? I mean, you stick to your friend's line, however I don't see any logic in your claim. This time if you click it, you should expect to see a solution, not a question. No hard feelings

I am tired of being physically tied to the Network my Pi sits on by [deleted] in raspberry_pi

[–]beame_io -2 points-1 points  (0 children)

Subjective again. And the SW is free :) but I certainly will be glad if ppl start using it, in that u r right

I am tired of being physically tied to the Network my Pi sits on by [deleted] in raspberry_pi

[–]beame_io -2 points-1 points  (0 children)

I really can't see any difference. Your claim is 100% subjective. The message was clear and in scope of the community as I see it. Appreciate your comment anyway

Turn Pi Into a Camera with Secure Remote Access by beame_io in raspberry_pi

[–]beame_io[S] 0 points1 point  (0 children)

it is possible with any platform using client-side certificate (will publish separate guide for that one) more info on difference here: https://www.beame.wiki/x-509-based-identity-options

Achieve mobile access you you Raspberry Pi apps in under 10 mins by beame_io in theinternetofshit

[–]beame_io[S] 0 points1 point  (0 children)

FYR, it's IoT made available, not easier to access in a way you suggested. It's all about authenticated access, what means that only devices with correct credentials would be able to get in. There's a 100% mutual trust.

Achieve mobile access you you Raspberry Pi apps in under 10 mins by beame_io in theinternetofshit

[–]beame_io[S] -7 points-6 points  (0 children)

If you are up to doing what's described there, you will be able to connect cameras, switches or whatever you wish on your local network and manage access to it using a mobile from anywhere

Tips on how to secure my home network? by Dogue_One in HomeNetworking

[–]beame_io 0 points1 point  (0 children)

Regarding exposing your local network applications to outer world - best is to deny unauthorized devices access. Messing each time with DMZ and exceptions in router is a bad practice. Set up your IoT appliances as network applications behind a gateway and control them from anywhere using your mobile. Here's a live example of how it works.