So I have been lucky enough to get into the CyRise Cyber Bootcamp it’s pushing lots and lots of buttons and making my brain hurt! But that’s a good thing – today there was this T-shirt that Allen was wearing and I sort of agree with it, but also I think about Steve Jobs and also the old addage “Build it and they will come!” and also this qoute… and yet other people who agree to disagree...
Hmm on one level at some point one must ship product ! The argument is still how and when! And what of the customer!
Well that took longer than I thought it would (site being down!). It’s interesting trying to get a computer server stack just right – I’m close with this build but it’s something that you have to keep on top of. Hence it took me a week or so to get the site up again – and I may have a hardware issue to sort out but that’s a story for another day, but also part of the reason it took me a while to re build. But I must also admit that the last build stood the test of time (about 2-3 years) so it’s not all bad.
Onward and up ward, the next phase is a blue green development enviroument so that hopefully this won’t happen again. We learn from our mistakes!
I spent a few hours this weekend mucking about with an old V2 Raspberry pi and the open source product roon audio. http://www.runeaudio.com It’s a pretty good little media management system. I can keep all my music (I’ve copied it to a usb attached to the pi) in one place and access – play that data from the pi to the amplifier. The beauty of course is that I can control the playback and search etc via any device on my local network (be it a phone or computer, ipad, tablet – anywhere in the house). One thing that is nice is it’s simple interface, and it is fairly easy set up. But I also have a few concerns that I thought I’d mention hear.
Security Once you have burnt the roon audio image to your pi you just plug it in and start the device. You can access it via the url http://runeaudio.local/ or by working out the ip address / number (you might have to look at your router to find this).This is very convenient but the issue is the product is not Password protected. So if your neighbour some how hacks your wireless network password, he or she could crank up your music system at 4 AM as a prank!
Another thing to consider is that the image has – uses a root super god user, and the password to that user is publicly available. So after that neighbour cranks up your music they can ssh to the device with root privileges! Also there is no basic user space (ie anyone on the network can control the server) although there is a hack that can be run via the htpasswd process within the web server . This allows you to hand code that functionality into the product. http://www.runeaudio.com/forum/password-protection-t4372.html This is not ideal for a basic user! If you do install a roon audio server in your house – Do change the root ssh password, … NOW!
See this link for more information on how to do that. https://www.cyberciti.biz/faq/linux-set-change-password-how-to Also at the time of writing – wireless is not a secure medium. I recommend a long wireless password that will take hours if not days to hack. As it is currently configured a roon audio server could be a nasty attack vector for a hacker. Changing the root ssh user password is a good start but the file system is rather open (see screen shot) and that could be problematic if not managed in a better way. Unfortunately this is typical of may IOT style products – they need to take security as an important issue – an initial configuration script could easily manage all of these faults and create a rounder better more secure product. So to sum up.
Ease of setup 8/10 User interface 8/10 Security 2/10
I’ll be keeping an eye on this product – If your not comfortable with the command line and security is important (it should be to everyone!) it’s probably a good idea not to use this product just now – but if they get their act together around the security issues, I think it has the potential to be something that rivals some of the more expensive commercial products.
I’ve been following the company that says “Don’t be evil” on he issue of project Dragonfly – Googles “China” friendly search engine. The intercept has the lowdown on this project hear.
I have a belief that as companies get bigger they get more stupid and less focused. I think that this is indeed the case for Google. After reading the article I have to ask what sort of flavour of BS are these so called managers trying to stuff down the throats of humanity?
I’m starting to think it’s time to remove all my content from there platform.