Device security (against hacking)
#1
Dear Friends,

Just a stupid question about network security before ordering a probe:

Did you implement network security against hacking the firmware?
Is firmware publicly available and Free software?

Kind regards,
Kellogs
Reply
#2
Firmware is available to people with registered stations.

I do not believe the links are publicly available to everyone.
Kevin McCormick KB0UOI
Macomb, IL USA
Stations: 1539
Reply
#3
Note that the firmware is that, the compiled code that the receivers CPU runs. I'm fairly sure the source code is not available so one would have to reverse engineer the firmware to make pretty much any changes to it.

The reciever doesn't need to be visible from the internet. IMHO if you want to be able to view/configure the reciever over the internet use a VPN into the LAN where the receiver is located.

There is no seperate charge for the firmware.
Cheers
Dave.

Stations: 1627
Reply
#4
Hardware is from ST.com, so it is quite easy to fork a firmware using ST tools.
Is firmware upgrade protected by password in administration page?
Reply
#5
(2017-05-14, 12:02)Kellogs Wrote: Hardware is from ST.com, so it is quite easy to fork a firmware using ST tools.
Is firmware upgrade protected by password in administration page?

The Blitzortung operational Firmware is proprietary to Blitzortung Org, and is available only to licensed, registered operators and if it were 'forked' or stolen, there are 'cross checks' on Blitzortung server preventing unauthorized station connections. Only the registered user can access the Bitzortong server station settings, and no system will function on the network unless those are set properly. . The local Controller access is controlled by each specific operator who controls access to controller admin. When ordered the system will come with latest stable FW release installed.

Kellogs does NOT speak for or represent Blitzortung Org, developers, operators, or moderators of this forum.
                   TwinHollies WeatherCenter  Frankfort KY, USA
  Americas Operators at Sferics.us
        Stations: 689, 1439
Reply
#6
(2017-05-14, 12:02)Kellogs Wrote: Hardware is from ST.com, so it is quite easy to fork a firmware using ST tools.
Is firmware upgrade protected by password in administration page?

Hey Kellogs,


You appear really interested in the project and it's capabilities. I would suggest that you purchase and install a sensor so you can learn what goes into siting it, and the work involved with maintaining it. It's what we call "baby steps". While some of the "product" of the project is publicly visible, much of it is not. What is out there publicly isn't intended for anything other than use as a novelty.


This is the very reason that those of us that are members of the project haven't gone forward with some of the things that you have proposed in the couple of days since you have discovered Blitzortung. It's also the reason that "sponsors" should have no interest in funding any part of the project. There is nothing in it for them, and there shouldn't be. There are commercial entities that provide lightning data. We do not compete with them, and do nothing that they do, and do many things that they do not do. I happen to host a sensor for one of the commercial providers also. 

If you are interested in "filling gaps", just put "host a lightning sensor" in google or the equivalent in addition to purchasing and installing one of these.

To get back to the context of your post. While anything can be reverse engineered, there's really not much reason to hack the station firmware. There's no OS. It's function is really simple... precision timestamp, and send a sample of digitized analog waveform upon being triggered to do so by the contents of that sampled waveform. The equipment is intended to be protected from the Internet behind NAT or another firewall, so no vulnerabilities there.
Stations: 1156
Reply
#7
Thanks. I am just discovering that there are commercial networks for lightning detection. Blitzortung is really a nice project !
Reply




Users browsing this thread: 1 Guest(s)