Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#77469 - 04/03/2002 02:43 Hey, Mark. What about auto-RO and -RW?
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Thought about this while driving home from the con this weekend.

What if, when we did an FTP "put" command through the KFTPD interface, the player automatically went into RW mode, and when it was done with the transfer, it went into RO mode again? Similar thing with chmod, mkdir, rm, etc.

It would save us the hassle of doing it every time.

Or is this a security risk?

_________________________
Tony Fabris

Top
#77470 - 04/03/2002 03:19 Re: Hey, Mark. What about auto-RO and -RW? [Re: tfabris]
bonzi
pooh-bah

Registered: 13/09/1999
Posts: 2401
Loc: Croatia
And I thought I was lazy....
_________________________
Dragi "Bonzi" Raos Q#5196 MkII #080000376, 18GB green MkIIa #040103247, 60GB blue

Top
#77471 - 04/03/2002 20:17 Re: Hey, Mark. What about auto-RO and -RW? [Re: tfabris]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Mmm.. I've been thinking lazy thoughts like that too.

But it would really slow down things like the mirroring software I use, and syncs, and..

Some of the better FTP clients (and even some of the dumb ones) can use connect scripts and disconnect scripts, which could be given commands to set RW on entry, RO on exit. Not the same thing, quite, but close.

But there's other issues two, like multiple simultaneous FTP sessions (yes, I do that sometimes).. just to hard to get it right, and too simple to leave it as is..

-ml

Top
#77472 - 04/03/2002 20:24 Re: Hey, Mark. What about auto-RO and -RW? [Re: tfabris]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Oh, btw, SITE RW is not needed when just uploading a new kernel to /proc/empeg_kernel

-ml

Top
#77473 - 04/03/2002 20:34 Re: Hey, Mark. What about auto-RO and -RW? [Re: mlord]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Yes, I did discover that you don't need to RW the player to send a new kernel.

Is that a security risk?
_________________________
Tony Fabris

Top
#77474 - 04/03/2002 20:39 Re: Hey, Mark. What about auto-RO and -RW? [Re: tfabris]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
No worst than anything else that's possible with FTP access.

Set a password if it worries..

Top
#77475 - 04/03/2002 22:32 Re: Hey, Mark. What about auto-RO and -RW? [Re: tfabris]
BlueLightning
new poster

Registered: 28/02/2002
Posts: 9
Personaly I would say err on the side of security. About the only time I use the HTTP and FTP daemons are on a corperate network. By leaving this requirement in place it adds an extra layer of security by making someone know the proper commands to issue to write to the unit. In addition it would be nice if you did have to issue a SITE RW to flash the kernel as well.

Perhaps add a switch in the config.ini to enable auto SITE RW RO commands.

_________________________
Blue Lightning [email protected] 010101852 Mk2a 20 GB <-- RIP (Stolen Jan 2004)

Top
#77476 - 05/03/2002 09:36 Re: Hey, Mark. What about auto-RO and -RW? [Re: BlueLightning]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Nope. Doing SITE RW to flash a kernel is more risky to the player than not doing it. I'm leaving it as-is. The player has no security by default from the manufacturer. There are security options if you need them.

Anybody plugging it into a corporate LAN is probably doing so for use of "advanced features" from Hijack already, so setting the right parameters isn't something unreasonable to expect of them.

Unlike politically correct trends, I'm erring on the site of ease of use here.

Cheers

Top
#77477 - 05/03/2002 11:00 Re: Hey, Mark. What about auto-RO and -RW? [Re: mlord]
tms13
old hand

Registered: 30/07/2001
Posts: 1115
Loc: Lochcarron and Edinburgh
In reply to:

Set a password if it worries..


It disturbs me that Hijack is passwordless (both FTP and HTTP) by default. Very Microsoftish!

Services should only be enabled explicitly, not as part of installing an unrelated item.

P.S. Mark, any chance of a link from the Hijack home page to the Hijack FAQ on RioCar.org?
_________________________
Toby Speight
030103016 (80GB Mk2a, blue)
030102806 (0GB Mk2a, blue)

Top
#77478 - 05/03/2002 11:09 Re: Hey, Mark. What about auto-RO and -RW? [Re: tms13]
Yang
addict

Registered: 14/01/2002
Posts: 443
Loc: Raleigh, NC
Well, by default, your Empeg doesn't have either installed until you put Hijack on it. People aren't likely to install Hijack on their Empeg w/o first looking at the features, so they are aware of what is going to be enabled when they do. It's not like a certain OS where the features enabled are not documented anywhere..

Top
#77479 - 05/03/2002 11:12 Re: Hey, Mark. What about auto-RO and -RW? [Re: tms13]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
FAQ link now added, thanks.

And nobody here should be fooling themselves about LAN security. If your player is plugged into a LAN, then anyone with knowledge about Empeg/RioCar players can easily hack into it with JEmplode or Emplode.

Installing Hijack doesn't really increase the risk (hard to increase beyond 100%..), but it does give you tools to better secure it if one wants to do that. Sure, more people know how to use FTP than Emplode, but they cannot damage a thing with FTP unless they have specific Empeg/RioCar/Hijack knowledge, and in that case they already know about Emplode/JEmplode as well.

Cheers

Top
#77480 - 05/03/2002 11:22 Re: Hey, Mark. What about auto-RO and -RW? [Re: mlord]
tms13
old hand

Registered: 30/07/2001
Posts: 1115
Loc: Lochcarron and Edinburgh
With Emplode/JEmplode and no Hijack, you can't (or shouldn't be able to, at least)
  • write to the kernel area of flash
  • change the running order (e.g. HTTP "play")
  • remove or replace files outside of the music partions (e.g. the player binary), other than config.ini
Any attempts on the player are obvious when the music stops and an unasked-for synchronize begins.

Adding a wide-open Hijack does make me (even more) nervous.
_________________________
Toby Speight
030103016 (80GB Mk2a, blue)
030102806 (0GB Mk2a, blue)

Top
#77481 - 05/03/2002 11:32 Re: Hey, Mark. What about auto-RO and -RW? [Re: tms13]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
>write to the kernel area of flash

It's possible, in a convoluted fashion, beyond most script kiddies. But it's also relatively harmless, and easy to fix.

>change the running order (e.g. HTTP "play")

There's a play button in emplode (replaces running order).

>Remove or replace files outside of the music partions
>(e.g. the player binary), other than config.ini

But the files on the music partitions are the most important ones. All of the others can be restored to original state with a player upgrade. Music theft, substitution, playlist deletion.. those are the real issues to worry about.

Cheers

Top
#77482 - 05/03/2002 12:11 Re: Hey, Mark. What about auto-RO and -RW? [Re: mlord]
NiCKEL
journeyman

Registered: 27/02/2002
Posts: 59
Loc: Vancouver, BC, Canada
Mark,

This may be hideous, ignore it if so

Would it be possible to RW/RO on PUT if the player is currently RO but to have no unusual affect if it is already RW.

This way you could do the good old SITE RW at the beginning of a session to upload a bunch of files and not have the overhead of RW/RO between each file but if you were lazy you could swap a file or two over without having to RW the player.

-Geoff

Top
#77483 - 05/03/2002 13:09 Re: Hey, Mark. What about auto-RO and -RW? [Re: NiCKEL]
lectric
pooh-bah

Registered: 20/01/2002
Posts: 2085
Loc: New Orleans, LA
What I don't understand is why would someone bother to hack an empeg... All they could possibly do is destroy data, and that's rather pointless, as that's what backups are for, or steal songs that are readily available on the net. I mean, As I understand it, there are only 4000 empegs in the WORLD. What are the odds of someone with enough expertise with the empeg actually stumbling on your IP on purpose? I mean, especially since they are so removeable as to be pulled off the network 4-5 times a day?

Has anyone actually been hacked? And if so, what was done?

Top
#77484 - 05/03/2002 14:12 Re: Hey, Mark. What about auto-RO and -RW? [Re: lectric]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Exactly.

But Hijack does have a pretty good measure of protection nonetheless, you just have to read the FAQ first and then turn on the parts you like.

-ml

Top
#77485 - 05/03/2002 14:14 Re: Hey, Mark. What about auto-RO and -RW? [Re: NiCKEL]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
>This way you could do the good old SITE RW at the beginning of a
> session to upload a bunch of files and not have the overhead of
> RW/RO between each file but if you were lazy you could swap a file
> or two over without having to RW the player.

Yeah, it's possible, but I'd rather just leave that to the client software. If your client supports a ".netrc" file (or better), then just stick the RW command in there. Note that issuing a kftpd RW command doesn't do/hurt anything if the drives are already RW.

Cheers

Top
#77486 - 05/03/2002 14:19 Re: Hey, Mark. What about auto-RO and -RW? [Re: tms13]
bonzi
pooh-bah

Registered: 13/09/1999
Posts: 2401
Loc: Croatia
It disturbs me that Hijack is passwordless (both FTP and HTTP) by default.

Hey, guys, be reasonable, this is a frigging car audio! It is meant to be connected to one's *home* machine, probably via USB. It was not meant to reside on corporate LAN or Internet. Those of us who do install Hijack and put our players at mercy of our co-workers are expected to be able to decide whether they need a bit of security provided by Hijack.

That said, a simple password for emplode access via ethernet (resetable via serial and USB connection) *would* be usefull. Perhaps two level of protection - one against changes, another against any access. (Hm, I am I bit behind with Hijack features - perhaps something like that is already there? No, that would require a change emplode.)
_________________________
Dragi "Bonzi" Raos Q#5196 MkII #080000376, 18GB green MkIIa #040103247, 60GB blue

Top
#77487 - 05/03/2002 14:26 Re: Hey, Mark. What about auto-RO and -RW? [Re: bonzi]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
What Hijack has for emplode is a "disable_emplode=1" flag in config.ini, which really just disables ethernet access by Emplode.

-ml

Top