This repository has been archived by the owner on Dec 5, 2022. It is now read-only.

Kios should not connect to an external MQTT server without permission #46

Open
jeroenjacobs79 opened this issue Jul 17, 2020 · 5 comments

Comments

@jeroenjacobs79

jeroenjacobs79 commented Jul 17, 2020

Preliminary Docs

I confirm that I have read the CONTRIBUTING guide before opening this issue.

I confirm that I have read the FAQ before opening this issue.

motionEyeOS Version

NA

Board Model

I am using the following board/model: (insert your board model here, e.g. Raspberry PI 3B+).

Camera

NA

Log Files

NA

Actual issue

I'm seeing connections to an external MQTT server (159.65.215.225) after installing kerberos on my Raspberry Pi. Since this is data gathering without explicit permission from the user, this is probably a GDPR violation and therefore illegal in Europe.

Proposed solution

Make this opt-in during install.

@litij

litij commented Sep 3, 2020

Is there any workaround for this issue?

@cedricve
Member

cedricve commented Sep 3, 2020

Hey, it's actually setting this connection up for our cloud application, but if you didn't configure it, it will not do anything. For the next version we will make sure the connection is not established when not needed. However, if you are suspicious you can always block the IP in the firewall.

@jeroenjacobs79
Author

jeroenjacobs79 commented Sep 3, 2020

I had blocked those devices from connecting to the internet in my firewall, because there is absolutely zero reason it should connect to the internet without my permission.

@cedricve Sorry, but I don't think that's true. I never set up the cloud stuff, and it still connects to that MQTT server on the internet. I have my firewall logs to prove it. (misunderstood your previous remark, sorry) If someone ever logs a GDPR complaint about this, they probably have a case.

@jeroenjacobs79
Author

@cedricve I would suggest to either disable this completely, or inform the user during install that this happens (and clarify what data is being sent to this MQTT server).

@cedricve
Member

cedricve commented Sep 3, 2020

> @cedricve I would suggest to either disable this completely, or inform the user during install that this happens (and clarify what data is being sent to this MQTT server).

That is the point I try to make.

@jeroenjacobs79 you should look into the source code to see what it is doing. It establishes the connection, but doesn't receive or send data if the cloud credentials are not entered. Anyhow, as mentioned, this is something we will definitely fix in the next version, as it doesn't make sense to establish the connection anyhow (it's not good for anyone).

https://github.com/kerberos-io/machinery/blob/master/src/kerberos/cloud/ForwardStream.cpp#L7

https://github.com/kerberos-io/machinery/blob/master/src/kerberos/Kerberos.cpp#L84
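An added example, not part of the thread or the project's code: one way to confirm from gateway firewall logs whether a camera host opens MQTT connections to a public address, as discussed above. The netfilter LOG line format, the device address 192.168.1.50 and the standard MQTT ports 1883/8883 are assumptions; the thread only gives the destination IP.

```python
import ipaddress
import re
from collections import Counter

MQTT_PORTS = {1883, 8883}  # assumed: IANA-registered MQTT ports (plain, TLS)
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

# Constructed sample lines in netfilter LOG format; not taken from the issue.
SAMPLE_LOG = """\
Sep  3 10:00:01 gw kernel: FWD IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=159.65.215.225 LEN=60 PROTO=TCP SPT=40112 DPT=1883 SYN
Sep  3 10:00:31 gw kernel: FWD IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=159.65.215.225 LEN=60 PROTO=TCP SPT=40118 DPT=1883 SYN
Sep  3 10:01:02 gw kernel: FWD IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=192.168.1.10 LEN=60 PROTO=TCP SPT=40120 DPT=1883 SYN
Sep  3 10:01:07 gw kernel: FWD IN=eth1 OUT=eth0 SRC=192.168.1.77 DST=159.65.215.225 LEN=60 PROTO=TCP SPT=50100 DPT=443 SYN
Sep  3 10:02:00 gw kernel: FWD IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=not-an-ip PROTO=TCP DPT=1883
"""


def external_mqtt_flows(lines, device_ips):
    """Count (src, dst, port) for MQTT connections from watched devices
    to globally routable addresses. LAN brokers are ignored."""
    hits = Counter()
    for line in lines:
        f = dict(FIELD.findall(line))
        if f.get("PROTO") != "TCP" or f.get("SRC") not in device_ips:
            continue
        try:
            dst = ipaddress.ip_address(f.get("DST", ""))
            port = int(f.get("DPT", ""))
        except ValueError:
            continue  # malformed or truncated log line
        if port in MQTT_PORTS and dst.is_global:
            hits[(f["SRC"], str(dst), port)] += 1
    return hits


if __name__ == "__main__":
    watched = {"192.168.1.50"}  # hypothetical camera address
    for (src, dst, port), n in external_mqtt_flows(SAMPLE_LOG.splitlines(), watched).items():
        print(f"{src} -> {dst}:{port}  {n} connection attempt(s)")
```

Run against logs collected before and after adding a block rule, the count shows whether the device is still attempting the connection.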
