search

sccn / lsl_archived

Multi-modal time-synched data transmission over local network
242 stars 134 forks source link

add SSL to LSL? #246

Open dmedine opened 6 years ago

dmedine commented 6 years ago

I got an email today from a security expert at TU Graz (where LSL is used extensively) who is studying how research teams set up BCI experiments from an IT point of view. He asked how hard it would be to implement SSL/TLS in LSL. A quick glance at this: http://www.boost.org/doc/libs/1_47_0/doc/html/boost_asio/overview/ssl.html tells me it isn't.

I think it should be a configurable feature, but I think it is absolutely critical that this be added.

mgrivich commented 6 years ago

I assume you mean NOT absolutely critical.

Just slapping on SSL would add no value, because anyone who can detect the stream can subscribe to it and get the real data. We would also have to add some sort of passwording system. You also get into needing to have active (paid) certificates, care to make sure that you understand security not to have made silly mistakes, etc. Basically, this feature is not as trivial as it first appears. Generally we now enforce security by setting LSL to local net only, and locking down that network.

tstenner commented 6 years ago

For a local network, a user could generate a set of self signed certificates and only allow clients with a valid signature, so an attacker couldn't just subscribe without the certificate. Then again I don't think anyone of us is qualified to do this right and most lab networks should be separated from the rest of the network anyway...

dmedine commented 6 years ago

Well, I meant 'absolutely critical' in the sense that frightening new BCI technologies are emerging and this is a problem in terms of the immanent global robacolypse (not to mention Brazilian hackers out to steal pin numbers).

I say this only half (well, maybe 4/5s) in jest. Obviously the password thing is a pain, but at certain labs that I've been to (but won't name here) network security protocols are more than a little neglected. In fact, I seem to remember having once not-so-legally replaced a wireless router in one such lab. I wouldn't want LSL to be objectionable to universities due to its level of security (which, as Matthew points out, is offloaded to the network itself).

In any case, if it should emerge, it should certainly be switchable in the config file. Also, I am optimistically hoping that the guy who contacted me will want to take on the actual development work. I assume that is why he asked me how hard it would be to implement.

Glad to hear your thoughts on this.