Thread: UDP security loophole?
View Single Post
  #14   Spotlight this post!  
Unread 13-03-2012, 13:43
virtuald's Avatar
virtuald virtuald is offline
RobotPy Guy
AKA: Dustin Spicuzza
FRC #1418 (), FRC #1973, FRC #4796, FRC #6367 ()
Team Role: Mentor
  
Join Date: Dec 2008
Rookie Year: 2003
Location: Boston, MA
Posts: 1,056
virtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant futurevirtuald has a brilliant future
Re: UDP security loophole?
FRC Robots should never be connected to an untrusted network -- EVER. Consider the following:
  • All robots ship with an active FTP server with username/password FRC:FRC, which allows you to reset the software to anything you want
  • You can completely reimage a rebot without authentication
  • For robots running windriver, a debugger can connect without authentication -- I'm sure you can load labview code without authentication too
  • If you have NetConsole active, then you can run arbitrary commands on the robot using a shell. Once again, no authentication.
  • I'm sure there are many other things

So worrying about dashboard communications is the least of your worries.
__________________
Maintainer of RobotPy - Python for FRC
Creator of pyfrc (Robot Simulator + utilities for Python) and pynetworktables/pynetworktables2js (NetworkTables for Python & Javascript)

2017 Season: Teams #1973, #4796, #6369
Team #1418 (remote mentor): Newton Quarterfinalists, 2016 Chesapeake District Champion, 2x Innovation in Control award, 2x district event winner
Team #1418: 2015 DC Regional Innovation In Control Award, #2 seed; 2014 VA Industrial Design Award; 2014 Finalists in DC & VA
Team #2423: 2012 & 2013 Boston Regional Innovation in Control Award

Resources: FIRSTWiki (relaunched!) | My Software Stuff
Reply With Quote