Introducing the SAFEthing Framework: Secure Access For Everything


#21

One aspect is that any commands can be verified as to have come from a specific source since messages contain the sender and can only have come from that sender because of SAFEnetwork protocol.

Also IoT devices can store their data in verifiable places.

So hacking has to be done on an account basis and that puts it into much more researched and known arena for security methods. Basically if only the devices (or @bochaco’s gateway device) know the credentials then it’ll take a long long time for any hacker to break it. They’ll have to resort to social engineering or hacking the developer’s and/or installer’s systems before the devices are installed.


#22

Yes, I’ve sent data to thingspeak from one. I programmed it using Arduino IDE and Arduino compatible libraries. Don’t know about other ways of programming it, but there are probably other approaches too. Basically in the Arduino way, there is a setup function that is called on boot, then a function that is repeatedly called while it is up and running. In between these calls, the chip is doing whatever it needs to in order to keep it’s WiFi connection alive. Inside your periodically called function, I think your code can’t be too much of a CPU hog, or you’ll have connection issues.


#23

Just saw this article and thought it was relevant to this discussion.

I also tweeted a link to topic for consideration. :wink:


#24

One aspect is that any commands can be verified as to have come from a specific source since messages contain the sender and can only have come from that sender because of SAFEnetwork protocol.

That makes sense. Thanks!


#25

I haven’t read the whole readme file but this seems powerful: “A SAFEthing can expose a set of topics that other SAFEthings can subcribe to in order to receive notifications upon events.”

A whole bunch of things can listen to each other in different ways. It may be tricky though to detect endless loops where one event triggers a response from another device which again triggers the first device and so on. Although that’s probably something for the developers using the framework to prevent.


#26

I think this was inspired by MQTT


#27

That’s correct, and it sounded to me that many of the current IoT protocols use the publish-subscribe pattern, which I think it makes sense since a single device can expose a variety of services and you’d be interested in a subset of events, this is why the filters become a key part of the notification mechanism.[quote=“Anders, post:25, topic:13469”]
It may be tricky though to detect endless loops where one event triggers a response from another device which again triggers the first device and so on. Although that’s probably something for the developers using the framework to prevent.
[/quote]

I think this is a very interesting thing to consider, I haven’t gone to think about it deeply but I agree it could be nice if the framework can help you detect such scenarios, although I doubt it, since you could have several devices in a loop and not just two as you seem to exemplify.


#28

As alpha 3 start to rise on the somewhat distant horizon and head in our direction I wonder to myself if we’ll see SAFEthings emerge with it :slight_smile:


#29

So glad to hear of this project. A couple years ago I would ask about SAFE on IOT and hear it wasn’t light enough. Maybe that changed with RUST?

Also noted Intel was pushing this toll road plan to try to make sure telco could profit from evert IOT transaction instead of cutting them out of the loop with stuff like interference based mesh. Makes me worry for Tesla with Tesla now using intel as the supplier for the Model 3 chipset- at least momentarily. Might have been Intel’s plan, tells Mobile Eye be irrational with Tesla so they boot you, we’ll acquire you for a higher price and then gain a premium from Tesla for setting Tesla back. Do not trust them.


#30

I think put should be free, only get needs to be charged, either from consumer or from hoster. What about data stored temporarily?


#31

This has been discussed to death in other topics. You will come across many discussions as you read further and get to know SAFE.

There is many reasons for charging to PUT and I’ll pick one that is a show stopper for free PUTs. SPAM Spam will allow every attacker to keep filling up the storage so the network is always full.

For keeping GETs free, its the stated goal of the SAFE project to allow the world’s population free access to information. But also history has shown that people resent paying their ISPs then having to pay again to some other entity for information they can get free on the internet.


#32

I’ll need to go through the forum before i post things already discussed elsewhere. Thanks for clarification. Good day… :relaxed:


#33

@Mistaaah No worries, just a quick search of the forum and you can always raise an old thread from the dead if there is something valuable to add!