[Elecraft] K4 and Linux Infrastructure
Dave B
g8kbvdave at googlemail.com
Tue Jun 4 05:20:09 EDT 2019
Hi.
The problem these days, is not only if something is exposed to the www,
but even if it can only be "seen" by other nodes on the same LAN. Such
as the main shack PC, that probably can reach out to the WWW. Once
"something" gets into that PC (or your IoT lightbulbs!) it can at its
leisure scan your shack (and/or home) LAN, looking for other
nodes/devices to poke at later, after "phoning home" with the details of
what it found.
You all have got your dumb IoT devices (including TVs and PVRs) on a
segregated VLAN, haven't you? No! You have work to do then!
Also, irrespective of the OS used, one way to reduce the chance of user
induced mayhem, is to boot from a (protected) read only medium, copy the
OS to RAM (for speed) and use another SD card as persistent storage,
with an option during the initial boot (if for example) some combination
of keys are held down, to load the default settings into the "user"
area, as an easy "Factory Reset" feature.
Then, whatever the user does, when (not if) they muck it up, there is an
easy get out of jail free card.
As to the network security issue, the only "secure" network device, is
disconnected, powered off and in a sealed & screened box! Period. What
may be regarded as secure "now", in six weeks time could be hacked to
hell and back by script kiddies all over the world. In truth,
currently, the bad types have the upper hand.
Sadly (as with any OS) a continual surveillance of the ecostructure is
needed, and the inevitable updates. There are many ways to do that of
course, some easier, and some more "secure" than others. Security and
convenience are mutually exclusive, sadly. (In the case of a RO boot
medium, a switch would need to be flipped to allow a (once verified)
image to be flashed onto it, one time, said switch auto resetting once
programmed.) Or another card shipped in by post, and that's not as
secure as you might think either!
Regarding legitimate use of a LAN/WAN connection. One would hope(?)
that at the bare minimum:-

The radio control firmware is not run as root.

Incoming ssh requests are ignored/blocked.

In the case ssh connections are allowed, root login by ssh is blocked,
and only pre authorised (by certificate) user(s) are allowed in
(Elecraft themselves for example.)

The use of su and sudo are blocked if anyone does get to a command line
as "a user". Also browsing the OS software/settings folders is blocked,
should the firmware die, leaving the user at a command line.

Have the radio "reach out" to Elecraft central when needed using OpenVPN
(for example, using the current state of the art security model) to
check for updates (user initiated) or for Elecraft to remote admin,
after telling the user how to initiate that feature.

Any such automatic updates are "staged" within the rig, until they can
be verified as complete, uncorrupted and genuine, before being applied.

Any custom daemon software intended for legitimate remote
control/interface use, should be written in such a way, that any corrupt
or unknown commands (and/or parameters) are ignored, not even returning
any error code to the initiator. Greatly reducing the ability of it to
be "fuzzed" for vulnerabilities.

Also, .

Similarly, any code created to allow the radio to control accessories
via the LAN port (PAs, ATUs etc.) should be created with security in
mind. Such command & communication links should be encrypted, so only
the intended endpoints can see/use the data. ESPECIALLY, in the case
that such links traverse the public internet... (A licence requirement
here in the UK by the way!)

Any built in Digimode software (PSK, RTTY, CW, JT modes etc) should also
be run in a VM, within the radio. Hopefully preventing any possible
remote takeover issues via that route! (None that I know of at this
time, but ...)
~ ~ ~
Trouble with all the above is, it takes */a lot of time and effort/* by
the equipment makers to do, and do right, plus the testing of it all, or
contracting in some qualified penetration-testing types to test it all
for you. And that costs money. That, and capable hardware to do all
that, is also not exactly low cost (but is getting lower in cost.)
Also, all the above is not unique to Linux, */all OSes/* have their
issues, just that some are better (or worse) than others.
Effective Security is difficult to make user proof. Educate the users
first. If nothing else, listen to the "Security Now" podcasts by your
countrymen. https://twit.tv/sn (Another episode later today.)
Entertaining, and you might get an appreciation of just how much mayhem
is going on out there right now.
Happy Days!
Dave B G0WBX.
(I have learnt much of the above the hard way, by digging friends and
family, and some work colleagues, out of the mire induced by a lack of
knowledge of how to stay safe on-line, and from the Security Now podcasts.)
--
Created on and sent from a Unix like PC running and using free and open source software:
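
The "ignore corrupt or unknown commands, return nothing" rule from the message above, as an added example that is not part of the original post and is not Elecraft code. The two-letter command set, the `;` terminator and the parameter formats are hypothetical, chosen only for illustration.

```python
import re

# Hypothetical command set (an assumption, not the K4's real protocol).
# Each allowed command maps to a strict pattern its parameter must match in full.
ALLOWED = {
    "FA": re.compile(r"[0-9]{11}"),               # VFO A frequency in Hz, fixed width
    "MD": re.compile(r"[1-9]"),                   # operating mode, one digit
    "PC": re.compile(r"0[0-9][0-9]|1[01][0-9]"),  # power 000-119
}
MAX_LEN = 32  # longest frame accepted, terminator included


def parse_frame(frame: bytes):
    """Return (command, parameter) for a well-formed frame, otherwise None."""
    if len(frame) > MAX_LEN or not frame.endswith(b";"):
        return None
    try:
        text = frame[:-1].decode("ascii")
    except UnicodeDecodeError:
        return None
    cmd, param = text[:2], text[2:]
    pattern = ALLOWED.get(cmd)
    if pattern is None or not pattern.fullmatch(param):
        return None
    return cmd, param


def handle(frame: bytes, state: dict):
    """Apply a valid command and return the reply; return None (send nothing) otherwise."""
    parsed = parse_frame(frame)
    if parsed is None:
        # Counted on the device for the operator; the sender gets no reply at all.
        state["dropped"] = state.get("dropped", 0) + 1
        return None
    cmd, param = parsed
    state[cmd] = param
    return frame  # echo the accepted command as its acknowledgement
```

The drop counter keeps probing visible to the operator even though the sender learns nothing from it.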
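
The staging rule from the message above (complete, uncorrupted and genuine before being applied), as an added example that is not part of the original post and is not Elecraft code. The manifest fields, file paths and key are assumptions, and the HMAC-SHA256 tag is a stand-in for a vendor signature, which in a product would be asymmetric so the radio holds only a public key.

```python
import hashlib
import hmac
import os


def manifest_tag(key: bytes, size: int, sha256_hex: str) -> str:
    """Tag over the manifest fields (HMAC stand-in for a vendor signature)."""
    msg = f"{size}:{sha256_hex}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def verify_staged(image_path: str, manifest: dict, key: bytes) -> str:
    """Return "ok", or the name of the first check the staged image failed."""
    try:
        size = int(manifest["size"])
        digest = str(manifest["sha256"])
        tag = str(manifest["tag"])
    except (KeyError, TypeError, ValueError):
        return "malformed"
    # Genuine: authenticate the manifest before trusting any value in it.
    if not hmac.compare_digest(tag.encode(), manifest_tag(key, size, digest).encode()):
        return "not genuine"
    # Complete: a truncated download is rejected on size alone.
    if os.path.getsize(image_path) != size:
        return "incomplete"
    # Uncorrupted: hash the staged file in chunks and compare.
    h = hashlib.sha256()
    with open(image_path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    if not hmac.compare_digest(h.hexdigest().encode(), digest.encode()):
        return "corrupt"
    return "ok"


def apply_if_verified(image_path: str, manifest: dict, key: bytes, live_path: str) -> bool:
    """Move the staged image into place only after every check passes."""
    if verify_staged(image_path, manifest, key) != "ok":
        os.remove(image_path)  # discard the failed download
        return False
    os.replace(image_path, live_path)  # atomic when both paths share a filesystem
    return True
```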