Wow, thanks for replying so quickly! @arobodude , I understand that you have to draw the line somewhere, but I feel like you went to open. Maybe adding extra security measures would hurt development. I am not the one who purchased Misty; it was our Computer Science department. We use Misty in an IoT class. The professor is hoping students have the chance to develop and create projects with Misty that may have a positive impact on children with autism and older patients as well. How Social Robots Could Help Older Patients Help Themselves
I am currently a graduate student at the University of Minnesota, Duluth. My research is on common security misconceptions. One of the security misconceptions is “this configuration works, so it’s probably secure.” The person who bought this robot assumed it was secured when we got it set up on our University network. They had no idea that the android system was rooted, and by default, it had no passwords for an ADB shell session. That open door allowed me to gain access from outside of my campus.
Two security issues jumped at me while using misty. One would be the command center API that allows anyone to make API requests without some key. Maybe something as simple as a unique key that displays on the face of Misty that a developer would have to add to the requests they send. h t t p s : / / w w w . f r e e c o d e c a m p . o r g / n e w s / b e s t - p r a c t i c e s - f o r - b u i l d i n g - a p i - k e y s - 9 7 c 2 6 e a b f e a 9 / You could even do a general use key for all requests.
My professor said that someone moved our Misty from a remote connection to test it out over the phone. I guess the solution is for this is to keep it off the main network, but our University has a policy of no private hotspots sharing campus internet. We will have to contact the IT department for a custom solution for Misty because it is to open. Maybe set up a VPN connection to the robot.
The second issue which is the most concerning is the android ADB shell. I am not sure how you could set this up when you ship them out. The reason I found this flaw was because someone posted on this site that if you want to connect to an open network, one controlled by white list Mac address. To do this, you have to create an ADB session and use a program to view the android system. I showed my adviser, who is a computer security professor, how easy it was to automate this attack. He told me to take the robot off the network and let the professor of the IoT class know.
After doing some research, it seems like there is no easy way to do this on a rooted android device. I think this is because most of the manufacturers root the device so users cannot ‘’‘su root’’’ into the phone. adb - Password protecting shell access - Android Enthusiasts Stack Exchange
I think this is my biggest concern. My solution is to use openVPN to get access to Misty.
I understand why you guys chose to not add standard default security settings to misty, but you have to disclose this to the consumer. Again I did not purchase this Misty; it was a department purchase at the University of Minnesota Duluth. I am just a graduate student taking a class and had the pleasure of working with Misty. I will say it is a fantastic robot. I have said nothing but praise about the well-documented API commands you the site has. Maybe adding a optional security step in the documentation? That would at least inform the user of the potential dangers of uses this device on a network like at a University.
Not going to lie, it has a high price tag, but even I am considering investing in one just because it is so much fun to develop on! You guys are doing a great job, and I apologize if this post looked like I was taking away from that.
Thank you @slivingston and @arobodude for the quick responses to my post!