-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2014-06-27 at 13:36 +0100, Sid Boyce wrote:
Hi Carlos, Which embedded systems? So I can avoid them. For the longest time I have been using ssh with Beagleboard, Beaglebone, Pandaboard, ODROID-X, ODROID-U3 and Parallella-16.
Er... by "system" I don't refer to the operating system they run. I refer to machines I buy, with their original firmware. For instance, my tp-link router, about a year old, has neither ssh nor https; same happens to my HP printer. My previous router was the same. Access to a router by a "bad person" is high risk. The command set is limited, but he may access the wifi encryption setup, open ports I do not want opened... Thus, I hesitate to change settings or even access my router config page via wireless, and I hope the thing does not broadcast what it gets via cable to the wifi. Should not, but... The HP printer did get a security related firmware update. I forget why it was. My multimedia center is/was the same; I replaced its firmware with a community one, and now it has ssh, but not by default. But the password is hardcoded anyway, so it does not matter. You say: a multimedia "gadget" is not a high risk machine. Well, it is not, but it happens that it does run a Linux system. Busy box, quite complete. A hacker gaining access to my house somehow could access it and run scripts and things there, and make it his tool. So it /is/ dangerous. - -- Cheers, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlOtvyUACgkQtTMYHG2NR9U2/ACfcPWQkVA623JAXJM3KDF8uBNm 3s8An1SHx1uZqL0UOTxGOdZB/feVlu1b =d9t1 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org