Managed mode channel security?

I am using managed mode on a couple of devices to prevent casual, temporary users from screwing up settings. It occurred to me that there might be a problem with a casual user copying the channel settings, something I’d like to avoid.

It turns out that when a managed device is accessed via Bluetooth, the Android app channels screen has the QR code and url grayed out, but in fact the qr code is still correct and can be scanned. I see this as a possibility security issue. Comments?

1 Like

If you can use the QR code to copy from the managedd node, that does seem a vulnablity, as would be coping the admin channel.

But are you sure its a ‘live’ QR code? Seems possible its just the last one on your mobile device, (eg if your device was connected to a non-managed node, you still seeing that QR code)
… ie its not actully the channels from the managed node, but the last non-managed node the device connected to?

(havnt been brave enough to try a managed node, so havent tested it)

You may be right, but I’m not sure how to test it with my current setup. I suppose the Android app may just be pulling up an old image, but I don’t think so. I do know that the grayed-out qr code is valid and accurate. The qr code includes the admin channel key.

i can confirm that this is a security problem:
if you give someone a node in managed mode, he can get full acces to Admin channel and reconfigure all of oyur nodes that are on same admin channel !
either by using another physical Node
or by screenshotting the QR code and reflashing the node and using the qr code.

i tried this and it worked:
1: i setup two nodes (peter and monika) in Channel “sensors” and admin channel.
–QR code for “sensors and admin” is shown in adroid app.
2: i set 1 node (peter) to managed mode by using admin channel from monika-node.
3: 1 reset channel settings on monika to default channel.
–QR code for long-fast ist shwon in adroid app when connected to monika
4: i log into Peter by BLE.
– QR code for “sensor and admin” is shown in adroid app !!
so the Managed node will give the passwort for admin channel !
i screenshot this QRcode and use it to set MOnika to “sensors and admin” again

this way, managed mode users could:
-steal your channel settings from other nodes and connect to different channels.
-shutdown your hilltop- routers, if you are using same admin channel…

managed mode was established to block unexperienced users from changing settings on a node that was given to them for traking and messaging only. but still, usually the settings are made by admin channel on these devices ( i think by USB-serial is also possible?) this ist still a security problem , if a node gets into the wrong hands :slight_smile:

Open issues in the android and python repos, the channel settings are included in the hidden items on iOS.

The intent is that the only way to manage the device is via an admin channel.

1 Like