[Firmata] Channel security

Question

[Firmata] Channel security

MrSmersh opened this issue 10 years ago · 3 comments

As far as I see the communication channel between Arduino and phone is not secure. Could you do something about it? In some scenarios this could be a real pain issue since someone could hack the the communication and control the Arduino from a "spurious" source. Like the first generations TV remotes, the neighbor could control your Arduino.

Answer 1 · 2015-11-24T21:14:08.000Z

We have no plans at this time to add encryption or device security. It is expected that devices would need to be either paired (via Bluetooth), physically connected (via USB or Ethernet cable), or authenticated to a wireless network in order for connections to be made to them. If you still desire additional security, I would advise building on top of or modifying RemoteDevice (or perhaps build a new secure RemoteDevice implementation on top of the Serial and Firmata layers).

Answer 2 · 2015-11-24T23:19:12.000Z

An amendment to the above: we will take this on as an action item in our backlog and investigate the security improvements in the future. It is still true that you could amend the existing code if you need improved security right away!

Answer 3 · 2018-08-21T21:44:16.000Z

If this issue is still relevant, please file this at: https://github.com/MicrosoftDocs/windows-iotcore-docs