Page 48 of 48 FirstFirst ... 38464748
Results 471 to 477 of 477

Thread: The Development Log

  1. #471
    TVWBB Platinum Member Bryan Mayland's Avatar
    Join Date
    Apr 2010
    Location
    Tampa, FL
    Posts
    4,211
    Pushed out a new AVR firmware only to the Online Repository. This only adds one feature which is that the servo stays active all the time while the HeaterMeter is on. If the HeaterMeter is switched off (left long button press) then the damper should close and deactivate. I've been using this for a couple weeks and it feels like it works ok so unless anyone has a problem with it, I'll bundle it into the main Release Candidate and we'll call it done.
    I'm that HeaterMeter guy what ruins everybody's free time.

  2. #472
    TVWBB Platinum Member Bryan Mayland's Avatar
    Join Date
    Apr 2010
    Location
    Tampa, FL
    Posts
    4,211
    I've spent some time of the past few days getting everything squared away with allowing heatermeter.com as a mail relay for being able to send notifications without having to put your personal email account/password in HeaterMeter, which is not a secure device. See the wiki using-the-heatermeter-mail-relay.

    There are quite a few restrictions to make sure that this system can't be abused (spoiler: it still can be abused).
    • Your HeaterMeter must be in the HeaterMeter Device Registry. If nothing appears there, no go.
    • Your device must have checked in within the past day. (may further restrict this)
    • Authentication must be ON. Username is heatermeter, and your password is your RaspberryPi's serial number, with leading zeros, no whitespace.
    • From address must be notify@heatermeter.com. I will not relay mail "from" another domain.
    • Your connection must use TLS.
    • Your ISP must allow port 587 out, un-proxied or filtered.
    • You can not send to multiple recipients in the same message.
    • Maximum message size is about 1KB, there is some flexibility due to header sizes here.
    • Connections will be throttled to prevent abuse-- do not send a lot of test messages within an hour of when you expect to send real notifications.


    If anyone else has any ideas to further lock it down I'd be interested to hear them. I've tried to do my best to secure it, but this is an open source project so there's no real way to really restrict the client when anyone can be a client if they follow the proper registration steps. Looking down the road it might be required that users create an account at heatermeter.com and they can only send to registered email addresses or something. But let's see how this works because I think it is pretty trivial to get setup.

    I'm holding the release on this because I think I'd like to have this information be the default SMTP configuration. This can all be setup automatically on firstboot if there's no other msmtp config file and everything seems to be working out for people.
    I'm that HeaterMeter guy what ruins everybody's free time.

  3. #473
    TVWBB Wizard Steve_M's Avatar
    Join Date
    Jul 2013
    Location
    Toronto
    Posts
    1,792
    I think it's a good idea in that it reduces the complexity. I would leave it disabled by default, allowing it to be easily enabled, with some wording explaining what you are agreeing to. Some people might not be ok with the idea of heatermeter.com knowing the email addresses of it's users. I would also suggest you purge or sanitize the mail server logs to reduce exposure.

  4. #474
    TVWBB Fan
    Join Date
    Jun 2016
    Location
    Southwestern MN
    Posts
    108
    To play Devil's Advocate, Steve..... don't use the service if you don't want the service to have any knowledge of you. Expect *EVERYTHING* to be logged. Personally, just to protect himself, I'd expect Bryan to keep the mail logs around for 30-90 days, at least, just on the chance a hole is found and it turns into an open relay.

    Me, I'd override and use my own mailserver.... then again, I've also discovered that my ISP is apparently oh-so-helpfully dropping outbound messages from my HeaterMeter to my phone, using yet another address as a return. Setting the return address to my ISP's domain apparently allows it through. Yes, the SMTP connection is authenticated. And no other traffic is affected.

  5. #475
    TVWBB Wizard Steve_M's Avatar
    Join Date
    Jul 2013
    Location
    Toronto
    Posts
    1,792
    Another suggestion for the heatermeter.com email service would be to validate the recipient address before sending emails. This ensures that a) you know you've put in the correct email address and b) you reduce the risk of info@heatermeter.com becoming flagged as a spam account.

    It might also be better to change the from address to something more specific, such as hm-alert@heatermeter.com

  6. #476
    TVWBB Platinum Member Bryan Mayland's Avatar
    Join Date
    Apr 2010
    Location
    Tampa, FL
    Posts
    4,211
    I kind of agree about the opt-in policy, but there isn't a way to really disable it because if it is configured it will work if you use it. I wouldn't want to leave it configured except leave out the password or something, because then it isn't clear how to enable it without reading the docs.

    As far as logs, I'm going to have to keep some logs, at least 30 days to be able to run analytics on to check for abuse. I'll probably just put up a Privacy Policy page as a start that indicates that it won't be used for commercial purposes.

    The validated email thing is also a good idea but then I need to start keeping a database of validated email destinations too, which isn't great because the email address is tied to a specific device. Also someone would have to create a whole UI for submitting your email address for validation and being able to remove addresses from the list and also some secure way of removing an email address tied to an old device but not allow someone else to remove your email address. I think it is too much to expect from this sort of anonymous interaction the user has. If the user had a login to HeaterMeter Live, the cloud-based real time platform, then we could do all these things because we're actually linking devices to users and therefore validated email addresses. But that isn't built yet!

    I do prefer alert@heatermeter.com, you're right. I think I'll change it to that in the next pass.
    I'm that HeaterMeter guy what ruins everybody's free time.

  7. #477
    TVWBB Platinum Member Bryan Mayland's Avatar
    Join Date
    Apr 2010
    Location
    Tampa, FL
    Posts
    4,211
    Snapshots and you! Today's snapshot includes fixes for major security vulnerabilities in dnsmasq.

    This also includes pre-configuring the SMTP client to use the new heatermeter.com gateway if no other server has been configured. If the msmtprc config file has the default host in it (mailhub.oursite.example) or is heatermeter.com, we'll autoconfigure the settings with the username and current Pi serial number. This happens each time the firmware is installed or upgraded so moving to a new Pi should just work if the user reflashes the firmware or resets the config. I was trying to decide if this should be done on every boot, but that seems unnecessary. I guess we'll see how that works in the long run.
    I'm that HeaterMeter guy what ruins everybody's free time.

Page 48 of 48 FirstFirst ... 38464748

Similar Threads

  1. Development Update: 1Hz updates
    By Bryan Mayland in forum HeaterMeter DIY BBQ Controller
    Replies: 6
    Last Post: 09-02-2012, 04:29 PM
  2. Flavor development
    By Gary Bramley in forum Q&A #1 with Jamie Purviance
    Replies: 1
    Last Post: 03-28-2007, 02:31 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •