[chbot] Peer-to-peer remote access box

Volker Kuhlmann list0570 at paradise.net.nz
Tue Jul 29 10:04:34 BST 2014


On Tue 29 Jul 2014 16:25:04 NZST +1200, Robin Gilks wrote:

> A few things I'm not keen on
>  * rendezvous server - outside of my control. Is it *really* secure?

They say it is used only for "finding each other", which is both
plausible and reasonable. All projects of that aim have the problem of
needing to be functional out of the box for less tech-savvy users. What
annoys me is that it is not made optional.

>  * install software on PC - bet that means Windows only then!!

Not here (and I agree they should have made that clearer). Android
client, browser plugin, Linux (and a few others I didn't pay attention
to). There are SDKs on http://nabto.com/#download-list for server and
client. Not all of it is open source, but they say the encryption and
connections parts are.

>  * passwords/keys on a 3rd party system - that won't get hacked then...

Are you sure about the key location (I haven't looked to that detail)?
The topology doesn't require keys to be in the cloud (major security
fail if they were). Another critical question would be:

 * How is ongoing security maintenance going to happen?

(That's why I think SOHO/consumer router junk is junk, because it
doesn't happen.)

> You get the idea - if you want something done properly, its best to do it
> yourself!!

Or look for those blokes on Indiegogo that do do it properly. Still
looking myself... Compare with OPI, who said outright "yes you can do it
yourself, if you had the time". I'm not saying nabto is ideal but
decided it'd still be worthwhile. Other alternatives are the VoCore or
RPi etc. Or pick the closest to knock into preferred shape.

Volker

-- 
Volker Kuhlmann
http://volker.top.geek.nz/	Please do not CC list postings to me.



More information about the Chchrobotics mailing list