Hello lovely community,
I would like to know how are people securing their BalenaFin on the field (loaded with BalenaOS or not) in general terms, but specifically on the mounting of the eMMC.
Background:
It is my understanding that the CM3 can be mounted as a mass storage media, via rpiboot for example.
This obviously leaves the device wide open for an attacker to take a look into the device.
Of the approaches I have seen around, none are conclusive since the fin lacks a crypto chip.
On the BalenaOS side, I will say that I don’t really now if this is a tackled issue or to understand how it was addressed.
Further, for raspberrypi3 users, the sd card would also require some encryption approach.
I hope this question becomes relevant to the community.
Regards!
Hi @mvargasevans , from what I know for the fin and the pi3/4 since it lacks an integrated crypto chip the options are quite limited. So if someone malicious has physical access to the device they can get whatever they want. I believe a lot of users are addressing the issue primarily with physical security measures, but we have started investigating ways of using solutions like https://www.zymbit.com/ to do encryption of specific volumes and then when the physical box is opened this data would become inaccessible. This investigation is still just in PoC phase though. Unfortunately preventing data loss when someone has physical access to the device requires the hardware to support the use case which the pi family does yet.
Hi @shaunmulligan
Thanks for the quick reply.
Obviously that would mean so measures to at least make it difficult for an attacker (minimize keys storage, encrypted passwords and so on). I would be interested to hear different approaches!
Yep, indeed the goal would be to try make things as difficult as possible. Encrypted passwords on device are not easy as there is no crypto so would require additional hardware which would be fairly easy to listen on the wires (although again increases the difficulty for a hacker). I have pinged a few of my colleagues that have been thinking about this a bit more than myself and hopefully they will weigh in with some other interesting avenues.