RP4 and security (25 Jun, 2019)

Have your say on today's Aardvark Daily column

RP4 and security (25 Jun, 2019)

Postby aardvark_admin » Tue Jun 25, 2019 7:43 am

This column is archived at: https://aardvark.co.nz/daily/2019/0625.shtml

Are you going to buy an RPi 4?

If you have any RPi connected to your network, have you taken the time to check that the password defaults have been changed and that unnecessary services disabled?

What percentage of RP-based Kodi installations do you think might be wide-open and inviting hackers?

What would you do with the new RPi 4 if you bought one?

Isn't this simply insane value and a great indicator of how those things we once dreamed of have now become a reality?
aardvark_admin
Site Admin
 
Posts: 3670
Joined: Wed May 07, 2014 2:10 pm

Re: RP4 and security (25 Jun, 2019)

Postby GSVNoFixedAbode » Tue Jun 25, 2019 8:19 am

Tricky - the Pi as as open as any standard *nix system, but is pitched towards those getting started so initial security is relaxed. Even so, all the how-tos have big prompts saying 'remember to change your admin password'.

Love the idea of a decentralised network of videos, but I'm sure you'll remember the phrase 'The Slashdot Effect' Bruce. Given your global reach, be prepared for it! :D
GSVNoFixedAbode
 
Posts: 264
Joined: Thu May 08, 2014 8:53 am

Re: RP4 and security (25 Jun, 2019)

Postby Malcolm » Tue Jun 25, 2019 9:11 am

The default Linux distribution for the Pi has had a number of security improvements since the first release. Most importantly it no longer starts with SSH open by default, and when you enable SSH or other remote access it prompts you to change the password. Most people also will have the Pi sitting behind a NAT firewall so chances are it won't be listening directly on the internet unless the owner has deliberately done it.
As for the Pi 4 I am hoping to get one or more before long. Although the 4GB model is about $100NZ from Core Electronics, the lower options are a better price but once you know there is a better version you really want that one. I wasn't expecting to see it so soon. I think Eben had said as recently as March this year not to expect anything until 2020. USB3 and true Gigabit ethernet is great. As is 4K support. Not sure on the dual screen since it seems it comes at a cost of requiring micro-HDMI to HDMI adapters. Early benchmarks look like about double SD card throughput so that is great. As for a wishlist, I think POE power without the HAT would be nice. So would native PXE boot. Maybe another storage option to get away from SD cards, although not sure where you could fit an M.2 slot, maybe USB3 boot drive is an option.
Malcolm
 
Posts: 356
Joined: Thu May 08, 2014 9:43 am

Re: RP4 and security (25 Jun, 2019)

Postby greven » Tue Jun 25, 2019 6:38 pm

How did the hacker get through the NASA firewall? Was the pi checking in with an external service?
greven
 
Posts: 122
Joined: Fri May 09, 2014 1:41 pm


Return to Today's column

Who is online

Users browsing this forum: NordieBoy and 6 guests