M5Stack Community
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Unit cam S3 unsafe poster

    Units
    2
    4
    53
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      johseffer
      last edited by

      Hello, the current mode of image poster is unsafe, anyone can access the eazy data generated urls using mac that is of another people. Please keep the webserver on after enable the poster and make an authentication process to the access. A simple password field in configurations to concat in url is better than the totally open current approach

      ajb2k3A 1 Reply Last reply Reply Quote 0
      • ajb2k3A
        ajb2k3 @johseffer
        last edited by

        @johseffer Have you set the ezdata stream to private?
        Ezdata isn't a full service, it's a test service. if you need a more secure service its time to move on to AWS or Azure.

        UIFlow, so easy an adult can learn it!
        If I don't know it, be patient!
        I've ether not learned it or am too drunk to remember it!
        Author of the WIP UIFlow Handbook!
        M5Black, Go, Stick, Core2, and so much more it cant be fit in here!

        J 1 Reply Last reply Reply Quote 1
        • J
          johseffer
          last edited by

          Make camera data repository with public url pattern like this sound like a bad idea to me.

          https://ezdata2.m5stack.com/ECDA3B507E5C/captured.jpg
          https://ezdata2.m5stack.com/ECDA3B507E4C/captured.jpg

          a simple script can dump every unit photos from url, the first time i opened my url i get a photo of an M5Stack team member inside the factory, for an example.

          Sound like a bad approach when we talking about security, even if in a development environment.

          1 Reply Last reply Reply Quote 0
          • J
            johseffer @ajb2k3
            last edited by

            @ajb2k3 i'm still rewiring the firmware above to use AWS s3, but will be good if the documentation can provide some example about that.

            https://github.com/m5stack/UnitCamS3-UserDemo/tree/unitcams3-5mp/platforms/unitcam_s3_5mp/main/hal_unitcam_s3_5mp/servers/apis

            More detail about that process can make the unit more noob friendly like ESP-CAM and another projects

            1 Reply Last reply Reply Quote 0
            • First post
              Last post