Network and web security with customised firmware

free30

Member
Can anyone tell me anything about the security issues there might be in installing modified software?
Either on other network resources or being used as a drone or something?
Is there a network log?
Thank you.
 
Well I didn't spell security quiet right in the title, sorry.
I'd like to bump this, as it seems that all kinds of people are writing packages. As much as I trust you all;) it's always good to check that its good bright talented people rather than bad bright and talented.
Thanks again, its all fun and really cool stuff. Wish I'd put a bit more effort into programming that ZX rather than playing Manic Miners. If anyone needs any help with Manic Miner let me know! :)
 
This is a difficult one, As I see it you could be hinting at two possible areas of concern, 1). Someone has inadvertently coded something that makes the Humax vulverable to attack while being connected to the internet. or 2) they have purposely coded something to do something nasty to your Humax or connect to the internet and do something you dont like. Either way I guess the only safeguard you have is the other members of this forum, There is more than one 'coder / software designer' on the forum who know how to run wireshark and I'm sure the 'goodies' would make us aware of it

EDIT
Unless of course all the all Custom Firmware coders are baddies - Welcome to the Wonderful World of Paranoia :)
 
There are two aspects to this.

By installing the custom firmware and packages and connecting your Humax to a network you are exposing new services to that network and potentially any connected network. Most of the software that has been packaged up has been chosen for its suitability for the embedded environment, i.e. size and required processing power, and not security. However, this is a consumer electronics device with a network port and you can guarantee that even the standard built-in services have not been built with more than a passing nod towards security. If that concerns you then you are plugging it into the wrong network! As long as you have a decent router/firewall between you and the Internet it should be fine. If you expose any of the ]Humax services (standard or custom) to the Internet then you need to make an assessment of the exposure. The remote scheduling portal means that most people don't need to allow incoming connections to their Humax.

The second aspect is that you are installing software written by a team of enthusiasts on a forum and unless you are able to audit what is being installed there is a certain level of trust that is required...
 
Back
Top