Simple Security for the Connected World
Atsign provides you with the building blocks for innovative Networking 2.0 experiences
Securing devices and data on the network today is broken.
It is too complex, time-consuming, and expensive. We believe that a new approach to networking, Networking 2.0, can solve this challenge and also create opportunities for totally new and unimagined experiences. We have created the building blocks (a new protocol and SDKs) that allow people to quickly and easily create Networking 2.0 products and services.
Our unique technology is decentralized and open-source, but it is not blockchain. It makes it possible to efficiently secure devices and data, at scale. Atsign’s technology lets you focus forward, on innovation and growth, instead of being governed by security hassles and limitations.
I think you should give context to what is going on right at the start. I just stumbled upon this video, and at the point a viewer would have gained interest in the topic he already left.
Just received my first ESP32 board (banggood 1914005), and an ESP-Prog clone (basically a FT2232HL/Q from Aliexpress), and now I'm interested in stepping thru a blink-led example using JTAG! I used Zadig to install the WinUSB driver but not sure how to configure OpenOCD. For example, if you unplug/plug, does the last debug program run, or was the debugger running out of RAM? How do you dump the contents out of NVM via OpenOCD?
This is a good point; however, port knocking is susceptible to man-in-the-middle attacks. The knocking sequences can be intercepted (and potentially modified to the attacker's liking). Not to mention an attacker can impersonate the server itself. With No Ports, the atSigns communicating are the only ones that can send and receive data through the use of keys. It's interesting stuff, you can learn more about it on their website: www.noports.com/sshnp-how-it-works
That is correct if you know the IP addresses you will be accessing the SSH server from. But if you are on the road or coming from a mobile device you will not know the IP address you will be coming from, hence it really has to be as open as this in most cases.
After reading the architecture presented on their website - you initiate the connection through a proxy server, so the target machine technically has no publicly accessible ports since it only opens a port accessible to the proxy server. But that's just moving the attack surface a step back, people can still challenge the proxy server... No matter how complex a scheme you come up with, as long as you can access the password checking surface, other people can, too.
TCP connectivity does indeed go through a rendezvous/relay point. But each connection is on a new TCP port and authenticated using standard PKI. But importantly the traffic itself is then encrypted with an AES256 key that only the client machine and the remote device have. The AES key is derived on the client machine and sent (again end-to-end encrypted) to the remote device. Bottom line: yes, the proxy server could be attacked, but it itself has only random ports open and every connection is cryptographically challenged. But even then it never has anything of value, by which I mean it never sees anything in the clear and never has the encryption keys for the TCP connection or SSH keys.
So instead of using an open sourced, heavily reviewed protocol and service, you have another entry point, most likely closed sourced and proprietary, to tell the server to allow SSH connection to proceed. I prefer to use fail2ban on my exposed Linux boxen to just IP block anybody after 3 failed attempts. I have even set up alerts to monitor the fail2ban log to alert me if a large number of failed attempts occur.
The whole of SSH No Ports is open source so no proprietary code, you can read on the Atsign website blog why in a post just this week. We take many precautions to ensure that there is no surface for intervention in SSH No Ports. Before an SSH session is started, all 3 entities (client, server and relay) must perform a signature verification proof to verify them. We then take the precaution of cutting a new AES stream encryption key, and ephemeral SSH key pair on the local machine. These are transmitted to the SSH server entirely edge-to-edge encrypted (the encryption keys are stored at each edge, we couldn't decrypt the data even if we tried). Then both sides proceed to authenticate to the relay, which doesn't have the stream encryption key (so it also cannot decrypt the data stream from either end, preventing the intervention of a MitM or preauth attack). Then we proceed with an ephemeral SSH tunnel to port 22 which your client can connect to over the loopback interface. So yes, we are security and privacy advocates and write everything in the open. You can also look at and audit the code yourself: github.com/atsign-foundation/noports Read more on Why we choose Open Source: atsign.com/resources/articles/why-open-source/
Hello! Hope everything is well with you. I'm creating a glove that translates gestures into text and audio and I need your help to develop the corresponding application with Flutter, ESP32, Arduino IDE and Bluetooth. Just create a Flutter application that will receive words coming from the Arduino IDE's serial monitor and print it on the application screen. I would really appreciate it.
I have been trying to make a BLE app in FlutterFlow to receive data from ESP32. That is all I need to do, but it doesn't work. Can you suggest if it would be easier to shift to Flutter and do it or still do it in FlutterFlow?
Using atSigns, you can have your ESP32 run an atSign and subscribe to the atSign running on the Flutter app. Your ESP32 code will then receive a message/command from the Flutter app then create a text file containing whatever the Flutter app would have instructed. This is possible through our SDKs. Check out docs.atsign.com!
@AtsignCo thanks but does not seem to be feasible when I have to program thousands of generic boards. And the communication needs to happen on the local network for security reasons.
@CompanyBusinessCards It is still possible to use atSigns offline. You would need to set up your own atDirectory (previously called root server) and your own atServers (previously called secondary servers) that are visible to each other on the network. As long as you specify the root address, your root server can point requested atSigns to their corresponding atServers.
@chidiebube3657 The atProtocol is used between endpoints to communicate over the Internet. The ESP and Flutter app use the atPlatform (which implements the atProtocol) for end-to-end encrypted communication.
Can Flutter talk to a Windows Bluetooth dongle (FSC-BP102, HC-06-USB) that's connected to Windows? I've tried to use Flutter to talk to desktop peripherals using (ffi, platform-channels), but no luck. Perhaps it would be easier to use python-flet? Also, any plans on a video setting up VSCode to work with ESP32? I installed IDF (esp-idf-tools-setup-online-2.20), VSCode, the Microsoft C++ Build Tools and the VS Code extensions: C/C++ and C/C++ extension pack. However when I try running the espressif extension (express mode) it does not see my existing IDF! I'd really like to debug using the esp-prog!
Hey @Ben, I don't have experience with connecting to Bluetooth devices in Flutter, but from a quick Google search, I came across this: pub.dev/packages/flutter_blue_plus Be sure to also join our Discord in case you have any questions (I almost missed this one!): discord.atsign.com
We have a tutorial on setting up VSCode and your ESP32 with PlatformIO using the Arduino framework. There is current work being done to have the atPlatform working with the IDF as well. ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-0sEVprF_2Fg.html&pp=gAQBiAQB