About security and availability


#1

Hello i want to know if my device goes offline from your web admin if it still works in my intranet.For example my router has any kind of problem, etc…

Also about security, what can i say to my boss if he says that your operating system can sniff our network and passwords and expose us to bad things…

Regards


#2

Offline devices: The only thing that goes away when a device can’t connect to the cloud is the update and management cycle. Your code continues to execute, endpoints and requests across the local subnet continue to work fine.

Network sniffing: This sort of conversation is one we’re taking seriously, and we will soon have a couple of big milestones done for making this kind of conversation with your boss nice and easy. The first is a security white-paper which will set out our philosophy and practices regarding security. The second is that all of the code executing on your device will be open source, so therefore can be verified.
In the mean time an exercise for the careful would be to monitor all of the communications from the device, and scrutinise the OS .img file downloaded.


#3

Hello @ramstein74,

We’ve just published our security white paper as a page in our documentation. We will keep this updated with the latest on our security features. Feel free to submit an issue with the label security if there is anything you feel is missing.