security by obscurity
Posted: 24 Jun 2015, 10:40
Looking for a kiosk linux distro I found porteus-kiosk and I am really very happy with it. It is fast, modular and simple to use. I will want to customize it a bit to better fit my needs, but with all the work you have already done it will be easy.
But actually I decided to post here to let you know about something I don’t like about porteus-kiosk, namely its security by obscurity approach. It gives end users false sense of security. Plus it puts you in an awkward position, where you have to violate GPL rules.
It took me a while to figure it out, but in the end it wasn’t hard to extract the shell scripts out of binary blobs and get encryption scheme. With physical access to installed files there is no way you can prevent people from modifying the system or stealing config data. In my opinion developing such convoluted mechanisms is a waste of time, may lead to hidden security issues and it creates obstacles for legitimate users.
If you care for passwords you could store them in the config file in a hashed form, couldn’t you? All the other data is not really sensitive. Also note that config files (or whole packages) may be intercepted/modified during remote updates, as kiosk scripts do not validate https certificates.
Just my two cents…
Anyway, thanks a lot for this distro!
But actually I decided to post here to let you know about something I don’t like about porteus-kiosk, namely its security by obscurity approach. It gives end users false sense of security. Plus it puts you in an awkward position, where you have to violate GPL rules.
It took me a while to figure it out, but in the end it wasn’t hard to extract the shell scripts out of binary blobs and get encryption scheme. With physical access to installed files there is no way you can prevent people from modifying the system or stealing config data. In my opinion developing such convoluted mechanisms is a waste of time, may lead to hidden security issues and it creates obstacles for legitimate users.
If you care for passwords you could store them in the config file in a hashed form, couldn’t you? All the other data is not really sensitive. Also note that config files (or whole packages) may be intercepted/modified during remote updates, as kiosk scripts do not validate https certificates.
Just my two cents…
Anyway, thanks a lot for this distro!