On Wed, Mar 13, 2024 at 2:56 PM Peter wrote:
On 13/03/2024 18:25, Peter wrote:
If the camera was a client, uploading images or a video stream to a server (which has a properly secured user side) ...
It is a non-trivial task to secure a server. If it was easy there wouldn't be news articles like https://www.cnn.com/2024/03/08/tech/microsoft-russia-hack/index.html Russian state-backed hackers gained access to some of Microsoft’s core software systems in a hack first disclosed in January,
... how could the camera be attacked? It will be behind NAT, for a start.
Ages ago I ran a TOR middle node on my home network. I noticed some strange traffic on my internal, **behind a NAT device**, network and found out that NAT wasn't the magical network protection device you seem to think it is. It turns out that loose source routing defeated NAT - see https://en.wikipedia.org/wiki/Loose_Source_Routing
And yes, *nobody* should be routing RFC-1918 address across the Internet, but you know what they say about theory and practice..
- Attack server.
The MbedTLS version is not connected with that, however.
This showed up in my inbox today: [SECURITY] [DSA 5639-1] chromium security update ... Security issues were discovered in Chromium, which could result in the execution of arbitrary code
Do you use a browser on the same machine that you upload photos to from your camera? If so, your camera is not behind a NAT and is directly connected to a possibly compromised server.
Does your browser have javascript enabled? Take a look at https://en.wikipedia.org/wiki/DNS_rebinding and play with https://lock.cmpxchg8b.com/rebinder.html
- Use the server as a relay to attack clients that connect to it.
The MbedTLS version is not connected with that, either. Plus the clients will be behind NAT so how can that server attack them? It can do no more than a 3rd party attacking random IPs.
Your browser PC is behind the same NAT - right? And there's no firewall or NAT device between your PC and whatever it is that's using the MbedTLS code - right?
Or:
- Attack some network equipment.
The MbedTLS version is not connected with that, either.
"some network equipment" being the ISP supplied router/modem that connects your network to the Internet.
- Spoof the server.
The MbedTLS version is not connected with that, either.
I'd like to see your definition of "connected to." If the MbedTLS software doesn't connect to a server then why do you need TLS?
- Use the spoofed server to attack clients that connect to it.
The MbedTLS version is not connected with that, either.
So I still don't see where tightening MbedTLS security helps.
If nothing else, it helps sales. Tell me what product you sell -- I'll make sure that I never buy it.
Regards, Lee