pippin wrote: 
> Hm, how is this more secure than what Meep is doing?
> I mean... TLS and everything but this still requires you to open up your
> server machine to the internet and as security issues are this should at
> least involve staying up to date with known security issues in e.g. your
> TLS client on a daily basis because, you know, these big security issues
> that made the news in recent years were all about issues in security
> software like OpenSSL...
> 
> So if such an issue shows up again (or it's not yet fixed on your NAS)
> you can fall victim to port scan attacks with such a setup. Not too
> likely but possible, some such bugs have been around (and used!) for
> years.
> 
> I think the only thing being more secure is a solution where LMS only
> does outbound communication, that is: a plugin that connects to Alexa
> (or some intermediate service) and polls.

Well, at the moment, this is more secure as the initial command from my
skill to my plugin is over http. (thereafter, all transactions are
pulled by the plugin over https). While I've done what I can to secure
the plug-in (only a single command accepted, validating sender insofar
as is possible, rate-limiting inbound connections, no direct LMS access,
limited command set supported), it's still a vulnerability as there's an
open port.

The next stage of development for me is to implement pseudo-polling by
implementing MQTT. This will hopefully eliminate the requirement for an
open port, though I have some concerns about latency. And of course this
will only be as secure as MQTT over https can be.

Right now, nickb's solution is more secure and will always be faster
than what I'm doing, at the expense of a somewhat complicated setup.

I take your point on the risks. Indeed, I've spent most of the last 2
months developing the base infrastructure and skill<->plugin
communications to incorporate improved security measures in response to
initial feedback here. I could have had a working skill in place at this
stage but I think user protection is important so it's time well spent.
However, I'll always approach this from the perspective that it's not
banking software (!), it's audio playback and while people may have
genuine concerns around security, at the end of the day they will be
aware of the risks (because I'll tell them) and can choose to use it or
not.



ALEXA LMS SKILL: http://www.hab-tunes.com | Twitter: '#habtunes'
(https://twitter.com/search?q=%23habtunes&src=typd&lang=en)
Personal HA BLOG: http://mediaserver8.blogspot.com 

Squeezebox | Squeezebox Radio x 2  | Squeezebox Duet
------------------------------------------------------------------------
meep's Profile: http://forums.slimdevices.com/member.php?userid=12744
View this thread: http://forums.slimdevices.com/showthread.php?t=107009
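
The inbound checks listed in the post above (a single accepted command, sender validation, rate limiting), sketched as an added example that is not part of the original post or the plugin's own code. The HMAC shared secret, the signed timestamp, the command name `wake`, the field names and the limits are all assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time
from collections import defaultdict, deque

SECRET = b"constructed-demo-secret"  # assumption: per-install secret shared with the skill
ALLOWED_COMMAND = "wake"             # hypothetical name for the one accepted command
MAX_HITS, WINDOW_S = 5, 60.0         # assumed limit: 5 requests per source per minute
MAX_SKEW_S = 30.0                    # assumed freshness window for the signed timestamp
MAX_BODY = 256                       # a wake-up message needs no large payload

_hits = defaultdict(deque)           # source address -> times of recent requests


def sign(body, secret=SECRET):
    """Hex HMAC-SHA256 of the raw body; gives integrity even over plain HTTP."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def gate(src, body, sig_hex, now=None):
    """Return (http_status, reason); only 202 lets the plugin start its HTTPS pull."""
    now = time.time() if now is None else now
    recent = _hits[src]
    while recent and now - recent[0] >= WINDOW_S:
        recent.popleft()             # forget requests that left the window
    if len(recent) >= MAX_HITS:
        return 429, "rate limited"
    recent.append(now)               # count every attempt, including rejected ones
    if len(body) > MAX_BODY:
        return 413, "body too large"
    if not hmac.compare_digest(sign(body).encode(), sig_hex.encode()):
        return 403, "bad signature"
    try:
        msg = json.loads(body)
    except ValueError:
        return 400, "not JSON"
    if not isinstance(msg, dict) or set(msg) != {"cmd", "ts"}:
        return 400, "unexpected fields"
    if msg["cmd"] != ALLOWED_COMMAND:
        return 400, "unsupported command"
    ts = msg["ts"]
    if isinstance(ts, bool) or not isinstance(ts, (int, float)) or abs(now - ts) > MAX_SKEW_S:
        return 403, "stale or invalid timestamp"  # bounds replay of a captured message
    return 202, "accepted"
```

The accepted message carries no playback instruction; it only triggers the outbound HTTPS pull, so a forged or replayed request can at most cause one extra poll.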
