Posts by kenc

kenc · Security Concerns kenc December 29, 2017 at 4:32 PM

Quote

If you're concerned about entering a clear text password - which I agree is a valid concern - then create a low privileged Windows user to protect access to the share, and don't use your main PC user account.

This is concerning, as if you have not read my previous posts. I thought I was clear in the first, but if that was not enough.

Quote

You are correct. I did not make it abundantly clear, that there are work arounds not listed that can alleviate these risks (I only highlighted a few.

I am not sure how to make it more clear that this is not about workarounds (again, my instance is setup securely), this is about not being clear, and diminishing security for the average user.

I am not sure why bringing up a security concern has been responded with such a negative reaction?

kenc · Security Concerns kenc December 26, 2017 at 11:28 PM

Quote from nickr

you can disable password ssh access to libreelec, and allow access only via secure keys.

You are correct. I did not make it abundantly clear, that there are work arounds not listed that can alleviate these risks (I only highlighted a few.)

This however was not the point I was trying to make. I was simply stating that more devices are unsecure because of these "security improvements", thus I would think that security improvements should be made to have the greatest impact, e.g. don't go backwards for most, for the apperance of security.

So I argue on one side we have, more security out of the box, better backwards compatability, less user/develop frustration, and the other side we have more security for those in the know out of the box, (but they could have the same if they are in the know, regardless.)

I am still struggling to see any real gain here?

kenc · Security Concerns kenc December 26, 2017 at 10:26 PM

Quote from Klojum

Changing the root password is to be a part of LibreELEC as of version 9.0.

If you want a different password right now, you can change it in LibreELEC's source code on Github, and create your own build.

So I take it that you agree that these changes should be reverted at least until 9.0?

Overall, the entire stance seems odd. Windows will make changes at some point, that will not allow smbv1, thus we will disable anonymous shares to preempt that. Regardless if your share is this newer version of windows or any other smb enabled service?

Support seems to be challenging these forums, your users, etc... and based on your response, I beleive we can agree, that this has only made it less secure, not more. This entire topic seems to be frustrating both the user and developer base....to me the answer seems obvious.

kenc · Security Concerns kenc December 26, 2017 at 5:28 PM

As far as I understand it, you cannot change the root password, and libreelec removed ability to use anonymous shares as per:

libreelec_faq [LibreELEC]

Quote

It is not possible to change the password (without recompiling the distro with a different one) because the password file is contained inside the read-only squashfs SYSTEM file (the read-only part is the challenge).

Newbie help

Quote

Anonymous Windows shares are NOT supported by Kodi so you should ensure that access to the Windows 7 share is restricted with a username/password and that "password authentication" is enabled on the Windows share. Kodi should then prompt for a username/password when accessing the share.

Though the author states Kodi, I believe librelec was intended (I could be wrong, but kodi windows 17.6 does works fine with anonymous share.)

So I went from having my librelec box not locked down (no issues), to now have to put in a clear text password of a valid user on my windows share. Now I naturally could create a user that only has access to this share or guest, but this is probably not well understood, or common practice. Whereas before, only things being exposed, were things that were fine to be exposed, ( e.g. my windows share with no sensitive data and libreelec user/pass,) now I am more likely going to share sensitive data (e.g. a valid user on my windows server.)

I would argue that in adding this "security enhancement", by and large the impact is less security for those involved. As previously stated, there are work arounds that would do as intended, but I do not beleive this is well documented, or understood by most or even possible to be understood by most.

If any of my assumptions are incorrect, please let me know.