mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Raspberry Pi Security

Sat Aug 31, 2019 1:03 am

I have a few raspberry pi's at customer sites that are measuring sensor data and sending this data to a web application over https.

I have been reading a lot about commercial IoT devices claiming to be "ultra secure" and the like. I am not knowledgeable in this area, and am hoping someone can confirm my assumptions, or at least point me in the direction of what I should be implementing on my raspberry pi's.

If the raspberry pi is connected to customer's wifi (assuming it is secure itself), using stock Raspbian Buster, a strong password to login to the pi, and ssh is disabled.

Obviously everything is hackable given enough resources thrown at it, but would this be considered secure?

Andyroo
Posts: 4465
Joined: Sat Jun 16, 2018 12:49 am
Location: Lincs U.K.

Re: Raspberry Pi Security

Sat Aug 31, 2019 2:26 am

Some basic advice is https://www.raspberrypi.org/documentati ... ecurity.md

I would also look to change the user - ‘pi’ is the obvious user to try on a Pi so half the protection is gone.

Consider folk getting access physically to the Pi - a few seconds to whip the SD card out

A search for securing Linux will turn up 100s of links but you may do better employing an outside security consultant to give advice.
Need Pi spray - these things are breeding in my house...

tpyo kingg
Posts: 614
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Raspberry Pi Security

Sat Aug 31, 2019 5:30 am

mattg31 wrote:
Sat Aug 31, 2019 1:03 am
If the raspberry pi is connected to customer's wifi (assuming it is secure itself), ...
Wi-fi should always be considered compromised. However, that's not always a big deal.

Since it is rather hard to defend against all things all the time, generic checklists usually fall short. Perhaps you can describe what or whom you wish to defend against.

Remember, having physical access to the machine changes the rules. Even the OpenBSD developers generally concede defeat then.

DougieLawson
Posts: 36098
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK

Re: Raspberry Pi Security

Sat Aug 31, 2019 7:00 am

mattg31 wrote:
Sat Aug 31, 2019 1:03 am
If the raspberry pi is connected to customer's wifi (assuming it is secure itself), using stock Raspbian Buster, a strong password to login to the pi, and ssh is disabled.

Obviously everything is hackable given enough resources thrown at it, but would this be considered secure?
It's no more or less secure than any other Linux system running as a client system.

The main insecurity with Raspberries is when you set them up with open ports as a server on the internet with pi/raspberry as the userid/password. It's less than four minutes for the hackers to find it and come knocking on the door.

If nothing is port forwarded through the NAT router then you've removed that risk.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 10:39 am

Great thanks for the replies guys!

So changing the userid/password from the default to something more secure, adding a firewall, and ensuring any port forwarding is off will make it secure. Also physically securing SD card.

Thanks again!

DougieLawson
Posts: 36098
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK

Re: Raspberry Pi Security

Sat Aug 31, 2019 10:47 am

How do you intend to physically secure an SDCard? Bearing in mind that when it goes end-of-life you will need to replace it.

If I have physical access to your RPi then all bets are off (just like if I stole your laptop).

tpyo kingg
Posts: 614
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Raspberry Pi Security

Sat Aug 31, 2019 10:57 am

mattg31 wrote:
Sat Aug 31, 2019 10:39 am
... will make it secure.
It depends on the context. Again, what do you wish to defend against?

hippy
Posts: 5935
Joined: Fri Sep 09, 2011 10:34 pm
Location: UK

Re: Raspberry Pi Security

Sat Aug 31, 2019 11:32 am

tpyo kingg wrote:
Sat Aug 31, 2019 10:57 am
Again, what do you wish to defend against?
I am quite sure the answer would be 'anything and everything'; preventing any miscreant being able to affect operation of the device in any adverse way, and to prevent them using it as a stepping stone to gain access to the wider local network or anything connected to that.

It is not realistic nor reasonable to expect a non-expert user to know exactly what they need to be protecting against.

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 11:37 am

At this point I am not going to physically secure the SD card. I am more concerned about compromising the customer's IT infrastructure somehow, like allowing a backdoor into their network. Most of the devices I have out right now are just on the guest wifi, and not on the corporate stack, and the userid/password are changed on the pi.
There is nothing on the raspberry pi itself that is sensitive with the exception of the API token inside the python program. But even this would only allow the hacker (I think) to post fake data, or flood my server with post requests?
Like I said, I think I am more worried about compromising the network the pi is on as a result of poor setup on my part.

DougieLawson
Posts: 36098
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK

Re: Raspberry Pi Security

Sat Aug 31, 2019 11:41 am

mattg31 wrote:
Sat Aug 31, 2019 11:37 am
At this point I am not going to physically secure the SD card. I am more concerned about compromising the customer's IT infrastructure somehow, like allowing a backdoor into their network.
That's only true if you're NASA with an inherently insecure network. It wasn't just the RPi that was doing bad things; it was their network security, lack of intrusion detection and lack of device monitoring that allowed it.

https://gizmodo.com/hacker-used-raspber ... 1835802380

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 11:49 am

Wow! See that is exactly what I don't want to happen!
Obviously we don't know the configuration of the pi that caused this breach, but I'm assuming either the individual had physical access to this pi, or the userid/password was insecure and hacked remotely?

epoch1970
Posts: 3655
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Raspberry Pi Security

Sat Aug 31, 2019 11:53 am

If you don’t physically secure the SD card, I will soon pinch it, add init=/bin/sh in cmdline.txt, boot on my Pi, rejoice with your code, install mine, and possibly change the passwords to deny you access.
Then I will put back the SD in the original Pi and roam the customer’s network.

If you don’t physically secure the SD card, request a VLAN from the customer so that if your Pi is compromised, it has access to a minimum of machines and information.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 12:48 pm

Ok, I'm seeing the value in securing the SD card, I suppose I was trusting that the people who have access to the devices are trusted, but that can never be guaranteed.
I'm assuming the pi will outlive the SD card by several factors, so this is probably not the best plan, but using epoxy to secure the SD is probably going to be my plan. If the card dies in 2 years, I suppose I will just supply another pi.

This isn't the topic of the conversation, but is the raspberry pi compute module a better plan because it uses onboard memory vs SD card? Unfortunately it is about 4 times the cost (in Canada) once you include the i/o board.

fruitoftheloom
Posts: 20684
Joined: Tue Mar 25, 2014 12:40 pm
Location: Delightful Dorset

Re: Raspberry Pi Security

Sat Aug 31, 2019 12:53 pm

mattg31 wrote:
Sat Aug 31, 2019 12:48 pm
Ok, I'm seeing the value in securing the SD card, I suppose I was trusting that the people who have access to the devices are trusted, but that can never be guaranteed.
I'm assuming the pi will outlive the SD card by several factors, so this is probably not the best plan, but using epoxy to secure the SD is probably going to be my plan. If the card dies in 2 years, I suppose I will just supply another pi.

This isn't the topic of the conversation, but is the raspberry pi compute module a better plan because it uses onboard memory vs SD card?

Depends on the "product" you are selling, do you have the capability to manufacture a base board & case ?

https://www.raspberrypi.org/documentati ... /README.md
Retired disgracefully.....

rpdom
Posts: 15172
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Raspberry Pi Security

Sat Aug 31, 2019 12:57 pm

The compute module and I/O board aren't really meant to work together as a finished product. Instead the IO board is for you to test your ideas on before you design and mass produce your own carrier boards.

With the IO board, the compute module's on-board memory can be accessed via USB and changed to hack in. Obviously you'd disable that facility if you designed your own board.

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 1:05 pm

fruitoftheloom wrote:
Sat Aug 31, 2019 12:53 pm
mattg31 wrote:
Sat Aug 31, 2019 12:48 pm
Ok, I'm seeing the value in securing the SD card, I suppose I was trusting that the people who have access to the devices are trusted, but that can never be guaranteed.
I'm assuming the pi will outlive the SD card by several factors, so this is probably not the best plan, but using epoxy to secure the SD is probably going to be my plan. If the card dies in 2 years, I suppose I will just supply another pi.

This isn't the topic of the conversation, but is the raspberry pi compute module a better plan because it uses onboard memory vs SD card?

Depends on the "product" you are selling, do you have the capability to manufacture a base board & case ?

https://www.raspberrypi.org/documentati ... /README.md

For my current product I have manufactured the enclosure for the pi, and have made a simple "hat" circuit board with some relays and sensors. Is this what you mean by base board and case?
Last edited by mattg31 on Sat Aug 31, 2019 1:10 pm, edited 2 times in total.

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 1:09 pm

rpdom wrote:
Sat Aug 31, 2019 12:57 pm
The compute module and I/O board aren't really meant to work together as a finished product. Instead the IO board is for you to test your ideas on before you design and mass produce your own carrier boards.

With the IO board, the compute module's on-board memory can be accessed via USB and changed to hack in. Obviously you'd disable that facility if you designed your own board.
Oh ok, I see, thanks for the input everyone!
Well for now, while volumes are low, I will epoxy the cards until I can migrate to the compute module for the next generation device.

fruitoftheloom
Posts: 20684
Joined: Tue Mar 25, 2014 12:40 pm
Location: Delightful Dorset

Re: Raspberry Pi Security

Sat Aug 31, 2019 1:09 pm

fruitoftheloom wrote:
Sat Aug 31, 2019 12:53 pm

Depends on the "product" you are selling, do you have the capability to manufacture a base board & case ?

https://www.raspberrypi.org/documentati ... /README.md
For my current product I have manufactured the enclosure for the pi, and have made a simple "hat" circuit board with some relays and sensors. Is this what you mean by base board and case?

The Compute Module is not a standalone product:

https://www.element14.com/community/com ... ute-module

pica200
Posts: 138
Joined: Tue Aug 06, 2019 10:27 am

Re: Raspberry Pi Security

Sat Aug 31, 2019 1:21 pm

As advised above WiFi is not so good. If you can then connect it over ethernet. Otherwise make sure the network at least uses WPA2-PSK (AES) with strong password. WPA2 Enterprise is even better.

The compute module is not going to help you much and with custom board design you will probably pay much more than using a regular Pi or Pi Zero. As said above with physical access everything is possible.

tpyo kingg
Posts: 614
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Raspberry Pi Security

Sat Aug 31, 2019 2:57 pm

mattg31 wrote:
Sat Aug 31, 2019 12:48 pm
I'm assuming the pi will outlive the SD card by several factors, so this is probably not the best plan, but using epoxy to secure the SD is probably going to be my plan.
There are decent cases which require dealing with screws to access the microSD card.

If it may be asked, what types of service(s) do you plan to run from the Raspberry Pi and what will it be connecting to out on the net?

mattg31
Posts: 77
Joined: Fri Jan 05, 2018 9:55 pm

Re: Raspberry Pi Security

Sat Aug 31, 2019 7:25 pm

Yes, my plan is to make it tamper resistant so that it is obvious someone has attempted to/has accessed SD card.

The device is taking measurements from 4 sensors, and sending these measurements to a web API using python requests.

tpyo kingg
Posts: 614
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Raspberry Pi Security

Sun Sep 01, 2019 5:50 am

There are good cases available which leave the microSD card inaccessible from the outside. If you want to see if a case has been opened, a lazy way is to paint the screws with some fancy nail polish. However, that just means they have to buy some of the same nail polish to cover over entry. But depending on the situation, that might be a high enough barrier. Another way would be to use sealing wax and a custom seal.

bjtheone
Posts: 253
Joined: Mon May 20, 2019 11:28 pm
Location: Kanata, Ontario, Canada

Re: Raspberry Pi Security

Sun Sep 01, 2019 2:42 pm

Fancy security stickers are a slightly more professional way to do this. Obviously will not prevent tampering but will deter/make it obvious if it has occurred.

If you want to secure the SD the only real way is epoxy it in or encase the Pi in a barrier case and epoxy the case screws. Even then you are just raising the barrier to entry. In the dark days of pay cable boxes "people" used to modify them to get free channels. The providers started potting the boards to stop the modifying. It certainly raised the bar, but people still modified the cable boxes.

Andyroo
Posts: 4465
Joined: Sat Jun 16, 2018 12:49 am
Location: Lincs U.K.

Re: Raspberry Pi Security

Sun Sep 01, 2019 4:41 pm

Have a look at these on eBay. The advantage is you can put the install or image date on with dots so at a glance you can tell what should be on it vs what is on it...

The disadvantage is that I have known folk buy the same stickers and replace them so I ended up with a bill from https://www.seton.co.uk/ and unique labels...

jcyr
Posts: 339
Joined: Sun Apr 23, 2017 1:31 pm
Location: Atlanta

Re: Raspberry Pi Security

Mon Sep 02, 2019 3:38 am

Any Pi on public Internet will probably have ssh enabled for remote access. In that case the 1st thing to do is disable password based login. This and lots of good tips here https://securitytrails.com/blog/mitigat ... -practices
It's um...uh...well it's kinda like...and it's got a bit of...
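
A small audit script covering the checks raised in this thread: the default `pi` account, SSH password logins, an `init=` override in cmdline.txt, and ports listening beyond loopback. It is an added example, not posted by any participant; the function names and the `--audit` flag are made up for illustration.

```shell
#!/bin/sh
# Added example: audit a Raspbian install for weak points raised in this thread.
# File paths are parameters so a mounted SD card image can be checked as well.

# Is the well-known default account "pi" still present?
has_default_user() {
    grep -q '^pi:' "${1:-/etc/passwd}"
}

# Effective PasswordAuthentication setting: sshd uses the first value it reads
# and defaults to "yes". Simplification: Match blocks are not interpreted.
ssh_password_auth() {
    f="${1:-/etc/ssh/sshd_config}"
    [ -r "$f" ] || { echo absent; return 0; }
    val=$(awk 'tolower($1) == "passwordauthentication" { print tolower($2); exit }' "$f")
    echo "${val:-yes}"
}

# Print any init= kernel parameter (e.g. init=/bin/sh) found in cmdline.txt.
init_override() {
    f="${1:-/boot/cmdline.txt}"
    [ -r "$f" ] || return 1
    tr ' ' '\n' < "$f" | grep '^init='
}

# Read `ss -tln` output on stdin; print TCP listeners not bound to loopback.
listening_non_loopback() {
    awk '$1 == "LISTEN" && $4 !~ /^(127\.|\[::1\])/ { print $4 }'
}

audit() {
    if has_default_user; then echo "WARN: default 'pi' account exists"; fi
    if [ "$(ssh_password_auth)" = yes ]; then echo "WARN: sshd accepts password logins"; fi
    if o=$(init_override); then echo "WARN: cmdline.txt contains $o"; fi
    ss -tln 2>/dev/null | listening_non_loopback | sed 's/^/INFO: listening on /'
}

# Run the audit only when asked, so the functions can be sourced and reused.
if [ "${1:-}" = "--audit" ]; then audit; fi
```

The `init=` check only sees what is in the file when it runs; someone holding the card can put the original line back, so it complements the physical measures and network segregation discussed above and does not replace them.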
