New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
passwords beeing transmitted unencrypted #128
Comments
This is a known problem. You could look at the code and give us a hint how to solve this ;-) There is a function in the aktual code that should mask the passwords. But there seems to be an error in this function. After saving an unchanged config the masked (and with that wrong) password ist saved. |
As far as I read the code, the user gets only asterix for his password (*********) when he opens the config page. Ist der ESP8266 dann mit einem verschlüsselten Heim-WLAN verbunden, ist es ja kein großes Problem, das Passwort unverschlüsselt zu übertragen (machen ja viele Router auch). Wenn der ESP8266 aber mit einem offenen, unverschlüsselten WLAN (z.B. Freifunk) verbunden ist, kann mMn HTTPS die Config-Seite ab besten "abdichten", was allerdings noch nicht in den Arduino-Core gemerged wurde. esp8266/Arduino#3001 |
Bei einem offenen, unverschlüsselten Netz sollte ein bekanntes Passwort (falls überhaupt vorhanden) kein Problem sein. Fürs Heim-WLAN lässt sich mit einem maskierten Passwort zumindest nichts mehr durch bloßen Abruf der Seite auslesen. Bleibt also als Lücke nur noch das versendete Passwort (wenn das Passwort neu eingetragen wurde, sonst werden ja die Sternchen gesendet). |
What about using https by default (if it could be implemented), document the browser error in the wiki and on http://luftdaten.info/feinstaubsensor-bauen/, explain why it is related to a self signed certificate and show how to handle it? |
The mentioned secure ESP8266Webserver will work with a predefined private key and certificate. With auto update these would be identical for all sensors. So we would need to implement key generation and cert signing. This will need too much RAM and flash. Thats why we can't implement HTTPS. |
I was only thinking about:
Because of
it really makes no sense to think further about HTTPS. Thanks for the explanation! |
@dadosch the actual firmware version should be masked in the form fields. So the only moment the password is transmitted unencrypted is the moment of saving the password. As we can't implement https (too few RAM) I think we need to live with that for the moment. |
OK, I will close this for now. |
in case somebody is courious, take a look at And off course, it takes some Flash and Ram. |
When you enter the passwords into the config site (wifi, influx, basic auth Password), they will be transmitted unencrypted or if BASICAuth already enabled, base64 encoded. A attacker could - when the esp8266 is in config ap mode - (decode the BASICAuth user and password) and get the home wifi psk and then attack also the users's home WiFi network.
The text was updated successfully, but these errors were encountered: