#100 - the future of emba

[m-1-k-3]

What are you missing in emba? Let us know how you are using emba, what is working and what doesn't work

From our point of view we have the following areas to improve:

• [x] improve threading (more modules should use it) (https://github.com/e-m-b-a/emba/pull/107 / https://github.com/e-m-b-a/emba/pull/106 / https://github.com/e-m-b-a/emba/pull/102 / https://github.com/e-m-b-a/emba/pull/97)
• [x] improve the web reporter (see https://github.com/e-m-b-a/emba/pull/101 / https://github.com/e-m-b-a/emba/pull/121)
• [x] emba needs to get faster again (we lost a lot of performance with this pull request https://github.com/e-m-b-a/emba/pull/92)
• [x] some modules need some cleanup (e.g. P07 - https://github.com/e-m-b-a/emba/pull/110)
• [x] Cleanup and speedup of F19 and S115 (https://github.com/e-m-b-a/emba/pull/112 and https://github.com/e-m-b-a/emba/pull/115)
• [x] CSV export of aggregator data (https://github.com/e-m-b-a/emba/pull/116)
• [x] Speedup of S105 (https://github.com/e-m-b-a/emba/pull/117)
• [x] Include Metasploit exploit information to aggregator (https://github.com/e-m-b-a/emba/pull/117)
• [x] Include the ability to create configuration profiles (https://github.com/e-m-b-a/emba/pull/120)
• [x] Installation summary with hint to update cve-database and protecting your host
• [x] Create a UI for emba (see https://github.com/e-m-b-a/embark)
• [x] Test emba on RPi v4 tested it, works, but is really slow (RPI v4 with 8 Gigs Ram) and therefore not usable as a standalone server.
• [x] Include a check for the cve-database in the installer (to not touch an already installed and running database environment) (see https://github.com/e-m-b-a/emba/pull/145)
• [x] Provide docker images for emba (https://hub.docker.com/r/embeddedanalyzer/emba)
• [x] TLI installation process (e.g. image of debian installation) I did some research, it would be possible, but not worth the developing time (especially because we are advising to use docker and then it has to be non-interactive)
• [x] switch from docker to podman (should we?)

What else would be great to bring to emba?

[m-1-k-3]

all done.

[dgutson]

@m-1-k-3 what happened with "switch from docker to podman"?

[m-1-k-3]

@dgutson not enough time to go into the depths ...

[dgutson]

@m-1-k-3 would you accept such contribution, or it has been discarded?

[m-1-k-3]

I would prefer to open an Issue for tracking first. We need to define some generic testcases/testfirmware and for some special modules some dedicated firmware images. With this in place we can walk through all modules and check if they are working as expected with podman and we can document it there in a simple list like:

• [ ] emba startup - testfirmware used - works [y/n]
• [ ] Module P02 - testfirmware used - works [y/n] - comment
• [ ] Module P05 - testfirmware used - works [y/n] - comment
• [ ] ...

After evaluating what is working and what not we can think on fixing and how to fix. If you take this over and start up with some initial testing and documenting it would be total awesome.