Author Topic: PC Manager | Take control of your computers  (Read 6005 times)


Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #25 on: December 15, 2019, 12:50:23 pm »
In the worst case, there would be a 500 mW and 2.4 GHz signal radiated at a few millimeters of a various GHz low voltage signals (some signals are differential paired, but others aren’t).
You are not allowed to go above 100mW for 2.4 GHz band in most regions. And generally wifi devices don't go above that. Also unless there is something horribly wrong with device, most of power will go into antenna outside the PC.

Yes, I meant 100 mW (160 mW max., in this case), I mixed things up. Still enough power to use shielding, as in the case of the vast majority of Wi-Fi devices.
« Last Edit: December 15, 2019, 01:05:45 pm by Snatek »
 

Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #26 on: December 15, 2019, 12:53:56 pm »
Do I understand this correctly that the PC manager is an internet connected gizmo that will allow remote control of the computer - over the internet, using a proprietary service run by your company? And you want to sell this to companies as a somehow good idea? Did you consider what will happen if someone hacks your service (which is pretty certain to happen, especially given your security by obscurity approach)? Not only could someone instantly disable/crash a load of computers somewhere but if the devices have insecure firmware (very likely), they will act as a wonderful vector into the company's network, bypassing the usual access controls (otherwise they wouldn't be able to do their job).

Not only is this a solution looking for a problem (home users won't care and pros will frogmarch anyone plugging a gizmo like this into their office computer out of the door), it is also asking to get hacked for anyone foolish enough to install this.

Engineering isn't only whether something can be done but also whether it should be.

I think you had made a lot of assumptions. The reason the product is not Open Source is not because of a low quality or insecure code (The service will not be provided by a server in my house, but by a proper hosting with redundancy and proper security measures), but to avoid low quality clone factories taking advantage of my work and money.

If you have an IoT device, it probably works in the same way.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: PC Manager | Take control of your computers
« Reply #27 on: December 15, 2019, 01:06:12 pm »
How are you providing security controls and authentication both of the device and the users? What is your privacy and security policy? What physical access controls and key management controls do you have in place? Are you willing to have the code audited by an independent contractor (NCC will do this starting at about £20k)? Which cloud provider do you use? What is their security policy? What libraries do you import? What are the security controls on those? What is your GDPR situation and who is the data controller?

Welcome to my world which is very complicated bringing a product into in 2019.

Also worth a watch as to how even higher investment can produce a “fuck up” (excuse the pun): hacking buttplugs. https://youtu.be/RnxcPeemHSc
« Last Edit: December 15, 2019, 01:12:01 pm by bd139 »
 

Offline PlainName

  • Super Contributor
  • ***
  • Posts: 6819
  • Country: va
Re: PC Manager | Take control of your computers
« Reply #28 on: December 15, 2019, 01:59:33 pm »
Quote
Aha, you're going for the old 'security through obscurity' route, are you?

Imagine a door with a handle. 100 people try to open it, most pushing the handle down to start with. Not all open it and a proportion give up. Now imagine a notice above the door: "Lift handle to open". Of 100 people, more open it now (but some still fail and give up - such is life as a human!).

Are you saying that not obscuring stuff is exactly as secure as going out of your way to tell anyone who wants to know the detail?

Are you also saying that making source available lets security bloopers be seen and fixed? It should but in practice there are loads of exploits, many in security-centric applications. In fact, the wonder is that more bad guys haven't exploited the bloopers no-one else has been arsed to find in open source code.

Surely the better way would be to use code that is apparently secure (properly audited, open source or not) but still obscure it anyway, just in case. Just like one might always use a voltage tester on a mains cable, even after turning off the mains and pulling the circuit breaker, before touching it.
 
The following users thanked this post: Snatek

Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #29 on: December 15, 2019, 02:06:45 pm »
How are you providing security controls and authentication both of the device and the users? What is your privacy and security policy? What physical access controls and key management controls do you have in place? Are you willing to have the code audited by an independent contractor (NCC will do this starting at about £20k)? Which cloud provider do you use? What is their security policy? What libraries do you import? What are the security controls on those? What is your GDPR situation and who is the data controller?

Welcome to my world which is very complicated bringing a product into in 2019.

Also worth a watch as to how even higher investment can produce a “fuck up” (excuse the pun): hacking buttplugs. https://youtu.be/RnxcPeemHSc

The cloud service is not ready yet, but it will work in a similar way to a website (with SSL encryption): with login/password (maybe 2FA, etc.). The cloud provider is not chosen yet. If the project gets funded, I will discuss the rest of your concerns with a proper software engineer (I am not). If the project is massively backed I will probably run a security audit, but if not, I don’t see any hacker goddess bypassing lots of security measures only to bother users of a low implemented product (the worst that hacker could do is to force the PC's shutdown), which the affected one can fix by simply unplugging the PC Manager's power cable (computer’s front panel controls would still work) until we solve the problem.

We do actually have a website (https://www.pc-manager.net/) that is in compliance with GDPR. But as we value the users’ privacy, we will probably make the PC Manager “cloud” run without the need of any personal data.

Yes indeed, it is not easy to bring a product at this time, but at least it helps to keep the acquired knowledge updated.
« Last Edit: December 15, 2019, 02:11:30 pm by Snatek »
 
The following users thanked this post: bd139

Online madires

  • Super Contributor
  • ***
  • Posts: 7744
  • Country: de
  • A qualified hobbyist ;)
Re: PC Manager | Take control of your computers
« Reply #30 on: December 15, 2019, 02:29:29 pm »
(The service will not be provided by a server in my house, but by a proper hosting with redundancy and proper security measures)

If - for whatever reason - the servers are shut down, do all PC manager devices become e-junk?
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: PC Manager | Take control of your computers
« Reply #31 on: December 15, 2019, 02:35:24 pm »
(The service will not be provided by a server in my house, but by a proper hosting with redundancy and proper security measures)

If - for whatever reason - the servers are shut down, do all PC manager devices become e-junk?

Looks like it, as it's all proprietary.

I think your question is also answered too, indirectly though from previous multiple answers, as what the Op keeps pointing out is, just trust them, ask no more, because he/she said so.

This is what I gathered so far from this discussion.
 
The following users thanked this post: bd139, phlegeton

Offline Bud

  • Super Contributor
  • ***
  • Posts: 6903
  • Country: ca
Re: PC Manager | Take control of your computers
« Reply #32 on: December 15, 2019, 03:38:24 pm »
Who is going to provide customer support? Yourself sitting beside the server in your house? Is it just a single server by the way? Are you familiar with the concepts of Business Continuity and Disaster Recovery?

"Simply unplugging the power cable" is a Major inconvenience to the customer by the way. You sure every grandma will know how and when to do it? You will be instructing people via your Facebook?
Facebook-free life and Rigol-free shack.
 

Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #33 on: December 15, 2019, 04:18:31 pm »
(The service will not be provided by a server in my house, but by a proper hosting with redundancy and proper security measures)

If - for whatever reason - the servers are shut down, do all PC manager devices become e-junk?

As stated in previous messages, in the coming days I will add the support of LAN controlling (without the need of any external server) to the Kickstarter campaign, for advanced users. In addition, I will have no reason to “shutdown” the cloud service provider, as its maintenance costs would be low. Why would I put my reputation at risk only to save a tiny amount of money?

I also stated previously that if for whatever strange reason I stop supporting PC Manager in the future, I'll have no problem making everything Open Source.

Who is going to provide customer support? Yourself sitting beside the server in your house? Is it just a single server by the way? Are you familiar with the concepts of Business Continuity and Disaster Recovery?

"Simply unplugging the power cable" is a Major inconvenience to the customer by the way. You sure every grandma will know how and when to do it? You will be instructing people via your Facebook?
That would depend on the specific problem and/or the project popularity. I will not have a server in my house, as previously (ironically) stated, but a cloud service provider with redundancy and proper security measures.

I just stated what would happen in the worst (and unlikely) case. Probably there are other more important and active vulnerabilities your computer can have at this moment (Windows’s, Intel’s, etc.). The security is our second concern, only behind the product safety/reliability, and it’s included in the product price (that is one of the reasons why it costs more than the Chinese product stated in previous messages).
 

Offline PlainName

  • Super Contributor
  • ***
  • Posts: 6819
  • Country: va
Re: PC Manager | Take control of your computers
« Reply #34 on: December 15, 2019, 05:49:43 pm »
I am on the verge of backing this. My partner uses WoL to get her PC running when she is on the road, but sometimes it doesn't work (ISTR Microsoft furkled with the network stack a while back which borked it until I found the fix), so this might save me having to pretend interest in support.

But... I am lost as to the point of the power and reset buttons. I mean, if you are in a position to stab those, surely you could just press the real ones. Or is the intent (for some uses) to completely disconnect the front panel to prevent passers-by from dicking with it?
 

Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #35 on: December 15, 2019, 06:24:25 pm »
I am on the verge of backing this. My partner uses WoL to get her PC running when she is on the road, but sometimes it doesn't work (ISTR Microsoft furkled with the network stack a while back which borked it until I found the fix), so this might save me having to pretend interest in support.

But... I am lost as to the point of the power and reset buttons. I mean, if you are in a position to stab those, surely you could just press the real ones. Or is the intent (for some uses) to completely disconnect the front panel to prevent passers-by from dicking with it?

The device has a (labeled) connector for the front panel signals (power/reset buttons and Power/HDD LEDs), and works independently of the PC Manager (the PC signals are internally connected with the front panel ones and in parallel with the PC Manager’s isolated ones), so you have the option to keep the front panel in use or not, as you wish.
 

Online Ranayna

  • Frequent Contributor
  • **
  • Posts: 861
  • Country: de
Re: PC Manager | Take control of your computers
« Reply #36 on: December 16, 2019, 10:59:47 am »
I would not trust that Chinese card *at all*. That thing has access to the PCIe bus and can transmit your data to who-knows-where.
In that regard, the PC Manager is indeed better.

Regarding security, I think enough has been said.

Quote
Aha, you're going for the old 'security through obscurity' route, are you?

Imagine a door with a handle. 100 people try to open it, most pushing the handle down to start with. Not all open it and a proportion give up. Now imagine a notice above the door: "Lift handle to open". Of 100 people, more open it now (but some still fail and give up - such is life as a human!).

Are you saying that not obscuring stuff is exactly as secure as going out of your way to tell anyone who wants to know the detail?

Are you also saying that making source available lets security bloopers be seen and fixed? It should but in practice there are loads of exploits, many in security-centric applications. In fact, the wonder is that more bad guys haven't exploited the bloopers no-one else has been arsed to find in open source code.

Surely the better way would be to use code that is apparently secure (properly audited, open source or not) but still obscure it anyway, just in case. Just like one might always use a voltage tester on a mains cable, even after turning off the mains and pulling the circuit breaker, before touching it.

Your analogy might be true for inherently insecure systems, i.e. an unlocked door. Stuff like that is often done to "secure" stuff like Windows Remote Desktop. People change the default port and think they are secure now  >:D True, that keeps the script kiddies out, but not a determined attacker.
But a properly set up system is secure even when the source is open.
With a closed source system you can be secure, but you do not have any way of checking for security. The old security saying "Do not roll your own crypto" is important here. And most well known, established, and secure crypto is fully open. And why do we *know* it is secure? Because both the algorithms and the implementations are open.

And the security against Chinese clones... If PC manager is deemed "worth it" it will be cloned the minute your device is released. At best, your obscurity is buying you some time while at the same time alienating any security aware user.

In the worst case, there would be a 500 mW and 2.4 GHz signal radiated at a few millimeters of a various GHz low voltage signals (some signals are differential paired, but others aren’t).
You are not allowed to go above 100mW for 2.4 GHz band in most regions. And generally wifi devices don't go above that. Also unless there is something horribly wrong with device, most of power will go into antenna outside the PC.

Yes, I meant 100 mW (160 mW max., in this case), I mixed things up. Still enough power to use shielding, as in the case of the vast majority of Wi-Fi devices.
Where are you getting that 160 mW figure from? Since you do not use 5GHz (you could use 200 mW there) you are limited to 100mW. What wifi chipset do you use?
 

Offline PlainName

  • Super Contributor
  • ***
  • Posts: 6819
  • Country: va
Re: PC Manager | Take control of your computers
« Reply #37 on: December 16, 2019, 11:32:41 am »
Quote
And why do we *know* it is secure? Because both the algorithms and the implementations are open.

As I pointed out, being open doesn't mean anyone actually checks it over. There have been security applications which are open that had serious bugs that no-one ever saw because no-one ever looked.

Quote
But a properly set up system is secure even when the source is open.

You assume. Until an issue is discovered because even security people can make mistakes, you know. Hardly anything is infallible.

Surely an extra layer would be to just hide what you're using, whether it's allegedly infallible or not, and then the good old exploit search engines wouldn't highlight the system 5 mins after an issue is discovered. The way you go on, it seems like you're saying that not telling anyone you're using open source means it's automatically less secure than if you broadcast the fact!
 

Online wraper

  • Supporter
  • ****
  • Posts: 16833
  • Country: lv
Re: PC Manager | Take control of your computers
« Reply #38 on: December 16, 2019, 11:39:09 am »
BTW about shields. For example Raspberry Pi 3 does not use any shield above wifi chip and got FCC approval just fine. My TP-Link Archer C7 router does not have shields too.
 

Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #39 on: December 16, 2019, 02:15:47 pm »
And the security against Chinese clones... If PC manager is deemed "worth it" it will be cloned the minute your device is released. At best, your obscurity is buying you some time while at the same time alienating any security aware user.

In that case, they can copy the hardware (probably eliminating some safety components to save on production costs) but they will not be able to use the PC Manager software, so they will have to develop their own (probably in Chinenglish, as the majority of their software).

In the worst case, there would be a 500 mW and 2.4 GHz signal radiated at a few millimeters of a various GHz low voltage signals (some signals are differential paired, but others aren’t).
You are not allowed to go above 100mW for 2.4 GHz band in most regions. And generally wifi devices don't go above that. Also unless there is something horribly wrong with device, most of power will go into antenna outside the PC.

Yes, I meant 100 mW (160 mW max., in this case), I mixed things up. Still enough power to use shielding, as in the case of the vast majority of Wi-Fi devices.
Where are you getting that 160 mW figure from? Since you do not use 5GHz (you could use 200 mW there) you are limited to 100mW. What wifi chipset do you use?

100 mW is the maximum in some countries, but others have a higher maximum power (4,000 mW in India, for example). That is why most Wi-Fi routers and other Wi-Fi stuff will ask you the country: to limit the maximum power radiated by the device. It's a Wi-Fi module (with FCC and CE compliance).

BTW about shields. For example Raspberry Pi 3 does not use any shield above wifi chip and got FCC approval just fine. My TP-Link Archer C7 router does not have shields too.

You probably aren’t going to put your Router or your Raspberry Pi enclosed in a metal case next to various several GHz signals. No Wi-Fi system is perfect. There would be losses before reaching the antenna; if you want that EMI near to your PC signals, it is up to you, but I prefer not taking the risk and shield it. The fact is that every quality PCIe and M.2 PCIe has a shield over the Wi-Fi section, and for the ones that don’t have it, it’s because it has been carefully measured and designed so the manufacturer can save on the shield (I doubt any random factory in China supplying unbranded products is concerned by this, but I could be wrong).


Thanks to all.
 

Offline Monkeh

  • Super Contributor
  • ***
  • Posts: 7992
  • Country: gb
Re: PC Manager | Take control of your computers
« Reply #40 on: December 16, 2019, 06:34:29 pm »
I would not trust that Chinese card *at all*. That thing has access to the PCIe bus and can transmit your data to who-knows-where.

Uh, five seconds of looking at it shows that is not the case.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3785
  • Country: de
Re: PC Manager | Take control of your computers
« Reply #41 on: December 16, 2019, 10:30:03 pm »

I think you had made a lot of assumptions. The reason the product is not Open Source is not because of a low quality or insecure code (The service will not be provided by a server in my house, but by a proper hosting with redundancy and proper security measures), ...


Your answers only show that you don't have much of an idea about computer security.

You are asking everyone to take you at your word on the device being secure. A company with no reputation, no references and product starting on Kickstarter. Don't take it personally but that's just a no.

Open sourcing the product is only one way of fixing that, I understand that you may not want to do that for business reasons. However, other options could be e.g. an independent firmware/software (including backend and the mobile app!) audit by a reputable company/researchers, published update policy (how often, how long does it take to fix security critical issues, both in the app and the firmware), dedicated security contact on your web site for reporting problems, and, for example, references of the hosting company, so that customer could have at least some idea of what security is in place. How much of that do you have in place before unleashing this on your paying clients? Starting to think about it only once your clients get hacked and there is a CVE assigned to it already would be too late.

Using a hosting company alone means exactly nothing when it comes to security. You wouldn't believe how many hosters keep e.g. customer passwords and credit card data in unencrypted databases, with the argument being that they require it to provide support when the client has problems logging in. Not kidding, I have this in writing from a customer rep of one such rather big name hoster after my personal site was hacked thanks to them and used to host a phishing website for stealing money from clients of some US investment bank. They consider it a normal practice, apparently!

but to avoid low quality clone factories taking advantage of my work and money.

That's a pretty poor argument for putting your clients at risk. Is their work and money worth less than your work and money?

If you have an IoT device, it probably works in the same way.

Are you really trying to make an argument that because the security dumpster fire of IoT is a standard fare, it is OK to release another such product and sell it to businesses? You are really not helping your case here, IMO.

Also, there is a heck of a difference between a smart light bulb or a doorbell and something meant for an actual business use. I can guarantee you that you won't find the former in the latter, as long as there is a semi-competent IT manager around.
« Last Edit: December 16, 2019, 10:48:33 pm by janoc »
 

Offline PlainName

  • Super Contributor
  • ***
  • Posts: 6819
  • Country: va
Re: PC Manager | Take control of your computers
« Reply #42 on: December 16, 2019, 11:16:40 pm »
Quote
However, other options could be e.g. an independent firmware/software (including backend and the mobile app!) audit by a reputable company/researchers, published update policy (how often, how long does it take to fix security critical issues, both in the app and the firmware), dedicated security contact on your web site for reporting problems, and, for example, references of the hosting company, so that customer could have at least some idea of what security is in place.

If even a fraction of the IoT stuff on Amazon managed a quarter of that! Yet they sell by the boatload. Wouldn't surprise me if most people here have kit that fails on pretty much all of your points, despite them arguing that this will kill the product on Kickstarter.
 
The following users thanked this post: Snatek

Offline Snatek (Topic starter)

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #43 on: December 17, 2019, 01:08:58 pm »

I think you had made a lot of assumptions. The reason the product is not Open Source is not because of a low quality or insecure code (The service will not be provided by a server in my house, but by a proper hosting with redundancy and proper security measures), ...


Your answers only show that you don't have much of an idea about computer security.

You are asking everyone to take you at your word on the device being secure. A company with no reputation, no references and product starting on Kickstarter. Don't take it personally but that's just a no.

Open sourcing the product is only one way of fixing that, I understand that you may not want to do that for business reasons. However, other options could be e.g. an independent firmware/software (including backend and the mobile app!) audit by a reputable company/researchers, published update policy (how often, how long does it take to fix security critical issues, both in the app and the firmware), dedicated security contact on your web site for reporting problems, and, for example, references of the hosting company, so that customer could have at least some idea of what security is in place. How much of that do you have in place before unleashing this on your paying clients? Starting to think about it only once your clients get hacked and there is a CVE assigned to it already would be too late.

Using a hosting company alone means exactly nothing when it comes to security. You wouldn't believe how many hosters keep e.g. customer passwords and credit card data in unencrypted databases, with the argument being that they require it to provide support when the client has problems logging in. Not kidding, I have this in writing from a customer rep of one such rather big name hoster after my personal site was hacked thanks to them and used to host a phishing website for stealing money from clients of some US investment bank. They consider it a normal practice, apparently!

but to avoid low quality clone factories taking advantage of my work and money.

That's a pretty poor argument for putting your clients at risk. Is their work and money worth less than your work and money?

If you have an IoT device, it probably works in the same way.

Are you really trying to make an argument that because the security dumpster fire of IoT is a standard fare, it is OK to release another such product and sell it to businesses? You are really not helping your case here, IMO.

Also, there is a heck of a difference between a smart light bulb or a doorbell and something meant for an actual business use. I can guarantee you that you won't find the former in the latter, as long as there is a semi-competent IT manager around.

Probably, the device you’ve used to write your post, in addition to being Closed Source, has dozens of known vulnerabilities and hundreds of other unknown ones, both in its hardware and its software. It’s also quite probable that any of those vulnerabilities would have much more devastating effects than the ones you are trying to attribute to this project based on no evidence.

If, as you say, it is important to make the project Open Source to make it more secure (which I see as an oxymoron), then how would I pay any software engineer to fix those vulnerabilities once the clone factories make my business unsustainable? Are you relying on some random expert working for free to amend a problem that affects a small number of people/businesses?

“PC Manager” and “Snatek” are registered trademarks under my name, ID, address, etc. That data figures on the Global Brand Database and they store that data even after the trademark expiration (10 years). Based on this, yes, my personal reputation would be at risk if those devices have any kind of problem in the future.

... for anyone foolish enough to install this.

I don’t take anything personally but it is not an easy task when someone calls any potential buyer a “fool”, based on incorrect assumptions.

Regards.
 

Online Ranayna

  • Frequent Contributor
  • **
  • Posts: 861
  • Country: de
Re: PC Manager | Take control of your computers
« Reply #44 on: December 17, 2019, 02:48:20 pm »
That sounds like whataboutism at its finest  :-//

You are going on about physical safety quite a bit on the project page and you try to sell that as an advantage (compared to what?).
Sure, that is an important aspect, but essentially it is an aspect covered by product liability laws. So you need to cover those issues no matter what, otherwise you could be liable for damages.
That reminds me a bit of a common labeling for some foodstuffs here in Germany. In big letters on the front it then says "Without preservatives*" as if this is something noteworthy. Somewhere, in tiny font on the back you then see "*as prescribed by law". So they are not allowed to use preservatives anyway, but still use that fact to advertise.

The liability laws, sadly, generally have holes as large as barndoors in regards to IT security. Therefore it is only natural, as someone who wants to release a project, to put security as a secondary concern. But consider the possibility of rising *above* the level of all that abundant always connected IoT crap that is out there.
Currently you are just a small step above the crap, by the sole reason that you are European, and are therefore (easier) subjected to European liability law. Not that Chinese junk (or rather its importers) is not subject to those, but enforcement seems to be too difficult there...

Then the question comes up: What do you *really* want to sell?
You are selling some hardware, where the software is included. The software alone has no value for you, except as an incentive to sell your hardware. Since you do not plan a subscription service, the software will *never* have more value than that.
The hardware alone could have a value, if someone else can write software, under the assumption that there even is a significant market for your device.
Given the ease of access regarding wifi-connected microcontroller projects nowadays (hello ESP-32 and co) I can even relate to your fears regarding easy cloning.

I do not know where else you are advertising your campaign, I have only seen it here so far. And I am even a bit surprised that you are advertising here. The EEVblog is not a computing forum. True, it has a computing related sub-section, but that is not the main focus, not by a long shot. And you are not showing much about the actual electronics of your device. Not even a board shot ;)

At least the current status shows that the niche for your device seems to be surprisingly small, or you are not going to the right spots to advertise.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3785
  • Country: de
Re: PC Manager | Take control of your computers
« Reply #45 on: December 17, 2019, 10:37:53 pm »
Quote
However, other options could be e.g. an independent firmware/software (including backend and the mobile app!) audit by a reputable company/researchers, published update policy (how often, how long does it take to fix security critical issues, both in the app and the firmware), dedicated security contact on your web site for reporting problems, and, for example, references of the hosting company, so that customer could have at least some idea of what security is in place.

If even a fraction of the IoT stuff on Amazon managed a quarter of that! Yet they sell by the boatload. Wouldn't surprise me if most people here have kit that fails on pretty much all of your points, despite them arguing that this will kill the product on Kickstarter.

And how much of that kit is meant to be used as an enterprise solution? Are we really comparing wifi LED bulbs from Amazon with something one is supposed to install into a company's computer and use on company network? Really???  :palm:
 
The following users thanked this post: bd139

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23018
  • Country: gb
Re: PC Manager | Take control of your computers
« Reply #46 on: December 17, 2019, 10:40:19 pm »
Indeed. You won't find any rock bottom IoT shit in the average enterprise.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3785
  • Country: de
Re: PC Manager | Take control of your computers
« Reply #47 on: December 17, 2019, 10:51:45 pm »

Probably, the device you’ve used to write your post, in addition to being Closed Source, has dozens of known vulnerabilities and hundreds of other unknown ones, both in its hardware and its software. It’s also quite probable that any of those vulnerabilities would have much more devastating effects than the ones you are trying to attribute to this project based on no evidence.

That's only your unfounded assumption about my PC that you know nothing about, and hand-waving distracting from the point being debated.


If, as you say, it is important to make the project Open Source to make it more secure (which I see as an oxymoron), then how would I pay any software engineer to fix those vulnerabilities once the clone factories make my business unsustainable? Are you relying on some random expert working for free to amend a problem that affects a small number of people/businesses?

Again a strawman argument - I have said explicitly that I understand you may not want to do it for business reasons (not bothering to refute the "oxymoron" claim, that can be easily debunked with a 5-minute Google search) and offered you alternatives - which you have all promptly ignored.

“PC Manager” and “Snatek” are registered trademarks under my name, ID, address, etc. That data appears in the Global Brand Database and they store that data even after the trademark expiration (10 years). Based on this, yes, my personal reputation would be at risk if those devices have any kind of problem in the future.

Which is of great help to anyone who gets hacked because of your device that you didn't fix problems in or don't even accept vulnerability reports for.

I don’t take anything personally, but it is not an easy task when someone calls any potential buyer a “fool”, based on incorrect assumptions.

Regards.

It is difficult to call it anything else when you are intentionally avoiding answers to questions and trying to obfuscate the issue by throwing up irrelevant arguments, such as your trademark registration or supposed vulnerabilities in other devices. You have also not provided any arguments why my assumptions are incorrect.  :-//
 

Offline SnatekTopic starter

  • Contributor
  • Posts: 15
  • Country: es
    • PC Manager
Re: PC Manager | Take control of your computers
« Reply #48 on: December 18, 2019, 09:16:08 pm »
We just added a feature to PC Manager that allows (advanced) users to completely disable internet access and to work only on LAN. This function will result in a little more time to configure each device (more than the 2 minutes it takes with the default configuration) for users who opt for this function.

As this function allows the PC Manager to work completely offline, I hope this will mitigate the concerns some users had about security and/or about a hypothetical product end of life.

Adding this feature doesn’t mean we will relax our security policy; it is only an additional layer of protection for those who want it.

This feature has been included in the campaign already.
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: PC Manager | Take control of your computers
« Reply #49 on: December 18, 2019, 11:22:54 pm »
We just added a feature to PC Manager that allows (advanced) users to completely disable internet access and to work only on LAN. This function will result in a little more time to configure each device (more than the 2 minutes it takes with the default configuration) for users who opt for this function.

As this function allows the PC Manager to work completely offline, I hope this will mitigate the concerns some users by nice EEVBlog forum fellows had about security and/or about a hypothetical product end of life.

Adding this feature doesn’t mean we will relax our security policy; it is only an additional layer of protection for those who want it.

This feature has been included in the campaign already.

You're welcome.

PS : correction added
« Last Edit: December 19, 2019, 02:00:15 am by BravoV »
 
The following users thanked this post: Snatek

