How secure is SmartLink?

KC8P

Is SmartLink secure? Yes. Connection to your radio is facilitated using a secure authentication process through a secure server using industry standard token passing. Communication and control messages between your radio and its client system (SmartSDR for Windows or Maestro, for example) occurs over a secured Internet communications channel using SSL/TLS encryption.

Can you disclose more specifics? It is a very generic response. What do you mean by "industry standards"? What level of encryption is used in SmartLink? AES? What is the key size 128 or 256? Is the transport layer TLS 1, 1.1 or 1.2?

Thank you
Mario
KC8P

Ken Hansen

No offense, but I'm curious about the concern, are you expecting someone to try and hack into your radio and brute-force it to transmit? In a similar vein, what security levels do other remote control protocols/applications use - remotehams, HRD, RS-BA1, Kenwood applications, etc.? I suspect SmartLink bests them all, even at moderate levels of the cited technologies.

L.Kubis

Isn't connecting UPnP to the outside world making ones home system less secure?

Lloyd
VE3ERQ

Ken Hansen

Upnp opens needed ports, so yes, it lowers the security versus having the ports closed, but it's a trade-off, and the idea is the software on those now-open ports can handle themselves properly under malicious attack. It opens an attack vector, but in theory it also manages any possible attacks.

Ross - K9COX

The Russians, Chinese, and N Koreans are listening to my all important QSO's

Tim - W4TME

From the FAQ:

"Connection to your radio is facilitated using a secure authentication process through a secure server using industry standard token passing.  Communication and control messages between your radio and its client system (SmartSDR for Windows or Maestro, for example) occurs over a secured Internet communications channel using SSL/TLS encryption. The transmit data that would go out on the air and received audio that was received off the air is not encrypted"

Tim - W4TME

There are some concerns with UPnP regarding rouge apps that when installed on your network will use this feature to expose other devices on your network.  UPnP is a feature found on just about every firewall/router you purchase and it is usually already turned on by default.  Skype will utilize UPnP if it is available.  

To make SmartLink or any remote access process work, you have to open a port(s) on your firewall to the outside to initiate the connection.  You can do it manually or allow UPnP to do it automatically.

As with any network security initiative, protection begins with good Internet usage habits (safe browsing, knowing the origin of programs you are installing, not falling prey to Phishing scams, etc..)

Gerry Jurrens

Tim, I have a Maestro on order. Can I specify that Smartlink be pre-loaded when it ships? Thank you.

Tim - W4TME

To install SmartSDR 2.0 on the Maestro is a simple process; select the version from the available version screen and download if from the Internet. It only takes a few minutes

David Decoons, wo2x

Gerry, you got my number if you get stuck, but follow the Maestro SmartLink Quick Start Guide. (Tim posted a link to it yesterday). The guide is well written and walks you through each step.

73 Dave wo2x

Tim - W4TME

Mario - SmartLink supports TLS.  The default version is 1.2 but will negotiate down to 1.0 if necessary.  The encryption is using SHA-256

KC8P

Ken,

I've spent last 20 years in IT and security concerns are important part of my job. I treat these things on professional and personal level seriously. These are standard questions to the vendor when you implementing ant IT solutions and exposing your network to the bad actors around, nothing extraordinary. 

KC8P

Anyone can technically listen, as far as I know the audio is unencrypted.

KC8P

Great! Thanks for the details! Good job!

Tim - W4TME

If they intercept the VITA-49 stream and can decode it, yes they can technically "listen", but that is a tall order and it provides no benefits as your RF transmissions are already unencrypted; all you need is a radio receiver and tune into the correct frequency.

KC8P

Wow! It seems to be a solid standard for SDR architecture!

Tim,

Do you know what is the algorithm used to compress the audio stream?

Must be well compressed giving the minimum requirements of 0.5 Mb/s up and down.

I see on LAN the SmartSDR consumes about 2 Mb/s and DAX component about 10 Mb/s with just one RX.
 

Tim - W4TME

We are using the Opus codec.

To achieve the low bandwidth minimum, you have to request less display data from the radio, which constitutes a majority of the VITA-49 payload.  You do this by reducing the frame rates of the panadapter/waterfall displays and using only one panadapter.  SmartLink has a feature that before you connect to a radio, you can request a low bandwidth connection that will make these settings for you automatically.  In some cases where the Internet bandwidth is very low, too much data can prevent SmartLink from connecting or if you are on a metered wireless plan, consume your bandwidth in short order.

We are planning on doing additional bandwidth optimizations to SmartLink after 2.0 is released.  This will allow us to better characterize the issues and come up with the right solutions.

KC8P

Again, appreciate it! Very informative to anyone considering 2.0

In my case the radio/server side is not an issue, I can enjoy 90 Mb/s down and 12 Mb/s up

Thank you!

Ken Hansen

Tim - just curious, will there be a 'flying blind' mode with no panadapter to really save on bandwidth? This could be implemented as a 'freeze' function once a qso is started, or as a 'traditional' VFO display option... I think a zero panadapter for low-speed links could be a popular option, esp for the latte-sipping, rag-chewing, remote operator!

David Decoons, wo2x

You could just put the slider for the panadapter FPS and waterfall refresh rate all the way to the left, which will be the lowest BW setting. No way to completely turn off the display.

Dave wo2x

Ken Hansen

K8CP - well I've got 21 years in IT, and I have seen many people get very excited about security where they really needn't worry do much, like I said, I was 'curious' about what was driving your concern.

IMHO the technologies employed, if only implemented at lowest protection levels suffice for most personal applications.

I also asked about what other remote operation software offers as far as security - I suspect Flex is well beyond what we would consider the industry standard as employed by the other software packages I mentioned.

Varistor

SHA-256 is not an encryption algorithm, it is only for hashing.

With respect to security, what kind of independent third party testing has been done against the SmartLink backend infrastructure?

KC8P

Sounds good! I was just curious how Flex handles it and I'm greatful to get the answer.

KC8P

N2WQ - you are absolutely correct. Likely, they use AES for encryption, it is a pretty much standard.

Question about the backend infrastructure is also a good question, since all credentials will be stored there.

Steve-N5AC

We're working on a security white paper which will detail how SmartLink works and the protocols in use.  We've been busy preparing the release and just haven't had time to finish the paper, but hope to do so soon.

Security is a rather complicated topic and there are lots of ways to do it well and do it poorly.  Having information about a particular protocol we used really doesn't tell you a lot.  For example, someone could use a highly secure connection between you and a site used to purchase something with a credit card.  The owner of the website could brag all day about using the latest security, but then store your credit card in a database and then leave the database open to the world (this is a regular occurrence on the Internet).  You really need to understand the whole picture and be able to ask questions in order to perform an accurate security audit.

In general, no system is ever completely secure and work needs to be conducted over time to ensure a high level of security.  For example, take a look at the issues fixed in the latest version of iOS from Apple: https://support.apple.com/en-us/HT207923.  What I can tell you is that security was a major goal of SmartLink and we've implemented what we believe are good protocols in a manner that is secure (we  did look at how competitive remote radio access products are built and were stunned at the lack of good security in most).  We'll be setting up a security email alias that allows anyone that has read our white paper and has concerns to voice those and help us with any issues that arise and we invite anyone that is well versed in Internet security to give our white paper a read and let us know if we've missed anything.

Varistor

What would be very helpful is if you share your Threat Model. That is, what specific threat scenarios you are addressing and how. Threat scenarios drive requirements, development, and testing. A very simple example: the threat of account takeovers is mitigated thru multi-factor authentication. Solutions like encryption are the bare minimum. What's interesting are your threat scenarios/model.

Tim - W4TME

The credentials are not stored on our server  We use Auth0.

Steve K9ZW

Tim - W4TME

As Steve noted, we will address the security infrastructure of SmartLink to the extent that it will not compromise the integrity of the system in an upcoming white paper.  Thank you.