Garadget and security of IoT


#1

Many of you heard the news about recent attacks on online servers using the network of hacked Internet of Things (IoT) devices.

I just wanted to reassure the users, that Garadget devices were not involved in these events and they are not vulnerable to the kind of security weaknesses that made these attacks possible. Among the reasons why Garadget is not an easy target for security exploits are:

  • it doesn’t have default passwords
  • it doesn’t listen to incoming connections
  • it doesn’t run complex operation system (Linux, Android etc)
  • it doesn’t handle high level application protocols (FTP, SSH etc)
  • it connects to local network behind the firewall
  • open source nature of the project makes it available to the public scrutiny and security audit

Currently there are no known security issues with Garadget devices, apps or online services. In unlikely event any problems are discovered, a fix can be promptly dispatched to the affected devices.

In short, please rest assured that your Garadget remains secure and ready to face any future threats.


#2

I am less concerned about the security of the device itself, but the cloud server. Your server holds the key to everyone’s garage door. Based on our IP addresses, successful hacker into your server will be able to know exactly where and which door can be opened and open it remotely without hassle. How can you secure your server fully. When this product gains popularity, the incentive of hacking increases. The higher likelihood your server will be hacked.

I personally will feel more comfortable hosting my own server. My personal system will most likely stay under the radar. Even my own insignificant home system gets loads of port scan daily, I can only imagine the activity on your server.


#3

Garadget uses Particle cloud services which means that day-to-day security of the server end is handled by a dedicated team of professionals. When it comes to Garadget specific server components, I go extra lengths to ensure that no sensitive information is stored long term.

Also, these days cyber-crime is an investment of time and skill with the expectation of a payback. Nobody hacks computers for funzies anymore when there’s money to be made. It’s highly unlikely that experienced cyber-criminals would organize, deploy and coordinate the network of neighborhood crooks across the country to steal and sell the used physical goods on scale and then share the profits.

Still, the support for MQTT protocol (local option) is in the works. You can also request your unit to be pulled out of Garadget making it a generic Particle Photon device (you’ll lose automatic firmware updates and push notifications).


#4

Or an attacker can go on eBay and buy some a garage door keys, walk up to your door, and disengage the a garage door opener so it be opened by hand.

Or if you have an old garage door opener without rollover codes they can easily brute force it with a simple device.

While I think Garadget should keep their infra secure, this is hardly a sane way to do a targeted attack on someone’s garage or home. In the unlikely event that Garadget is compromised and doors are opening and closing by malicious means I’ll just unplug mine.


#5

Things really don’t have to be that high tech for a break in:


#6

With due respect for your evidently high level of concern for security, both at the device level (no default passwords, no open ports, etc.) and for your cloud services implementation:

The point that security-conscious people are making is that there are many compromise scenarios that you cannot possibly account for. There is no way to guarantee perfect security for a network-connected device. I’m not going to overburden this thread with URLs but there are dozens, even hundreds of examples of software exploits across all areas of the internet over the past 5 years, and there will only be more in the future. Someone recently did a presentation in which they demonstrated how to break out of a hypervisored virtual machine into the supervising OS.

Long story short, your best assurances of security do not provide the security that being permanently airgapped from the internet can bring.

Of course you are going to do what the market dictates, so, I hope that a growing chorus of at least some small part of your customer base eventually makes it worth your while to offer a firmware update that is functional without a cloud connection to yours, or any other, servers.

Even if that means sacrificing considerable parts of the feature set. To me the convenience of checking & operating my garage door from my tablet or phone, anywhere over the internet is not worth the security exposure. Period. I would like to use the device within my local LAN so that I can be reminded if another resident here in the building leaves the garage door open by mistake. And so I can correct that mistake from the comfort of my third-floor office instead of walking down 3 flights of stairs. My use case would be completely covered by a LAN-only / no-cloud-needed configuration.