#device pin code lock (for privacy reason) and overall safety of our devices

I think having a simple pin code to unlock the device (like a phone) would be nice could even delete all compromising data after 10 false code

could only really work on devices with a keyboard but i think it is a good idea

doesnt seem too hard to implement either

Makes sense on others too, for example, someone steals a device and connects it to a PC, gets your messages, private keys, and ganks everything on your admin channel too

Yep it was my concern

If someone take your device He basicaly have every info and can spy on you

https://github.com/meshtastic/firmware/issues/3222

Not a small addition

It cant be done ?

No way to cheat with adding another microcontroler that would send on one of the pin an info to tell the device to stay shutdown or something ?

Trying something with a second microcontroller is going to be your best bet at getting something into place quickly, adding a pin or password adds a lot of friction to the existing process for every single user, there are a lot of devices without screens or a way to enter a pin, and having to look at the serial log is a pretty advanced user operation so to get it in the mainline firmware is going to be a pretty big lift.

plus the flash of the device is unencrypted. if someone swipes a node and knows what they are doing, they own you. Pin or not.

True

Phisicaly locking the Board in epoxy could be the best safety lol

by that logic, its not worth locking your car, because if "someone knows what they are doing, they own you"

excuses aside, it seems the devs don't want to do this. too bad.

Guess we could make it on our own

I think I have a way it could half work. Make it so your average person cant read the messages, it would require a seperate microcontroller though. If you are interested Im not opposed to making a custom PCB that would lock it.

let me know if you would be interested

@sharp tapir

@silent anvil

I will set them UP so they work first

Maybe After that

👍

Another Idea but maybe WE could simply block the screen display when locked ,thé Joe average Guy would not know enough to crack it

that was sort of my plan

essentially intercept the i2c bus between the screen and the board

Make sense lol

doing a schematic now

this might work

ive had a long day so im pretty tired but I will give it a test in the morning

btw this isn't a foolproof design

all it would take would be to disassemble the case desolder this and put it to the screen

but the average person wouldn't have a clue

Yes it Is what matter

Could maybe add a self destruct function After 10 try

not really

I mean i could but it wouldnt self destruct the board just lock you out

Could work,but having thé battery and thé board short circuiting and taking fire sound much better

i dont think that sounds like an amazing idea lol

If you add a self destruct counter ,it is

i can make it lock you out after 10 attempts or something but shorting the battery to explode the device sounds a bit silly

Well maybe just a litle

i have just a simple question - why? Is the government tying to lock you up? chinese spies after your invention?

lol

having a password makes sense but making it kill itself is a bit much i think

Better be safe than in a CCP prison ....

What about an easy way to remotely reset a device? (But maybe keep channels used for position telemetry or remote control?)

Factory reset does that now

If you have a repeater device that you are worried about security, don't include channels anyway

i think valian was originally intending for this to be for if your portable node gets stolen or something? i'm not sure but i think that's what he was intending

yes

or if a static node get captured

it need to not alow someone to read messages from it

i see it as some kind of safety onion with layers of protection

basicaly 1/ dont make it visible so no one think it is important 2/ if it get seen or taken by someone dont make it easy to understand what it is 3/ if someone know what it is dont make it possible to use the device to read or receive message /4 if someone can read message with it then he must not be able to decrypt them and know what is being said

Why are there keys on a static node?

there is not necesary keys

but adding a pin lock to unlock the device make sense even on a static node

it mean someone cant just pick it up and plug it into his computer and get data

Only if you have the keys, which is a bad security practice to have your keys on a static node you might not control.

its true

but not all nodes are meant to be static

idk

still better to have one more layer of safety if possible

The pin has some value, but using a short pin to protect a AES256 key is not the way, may help if a mobile node is compromised but this is not really for a repeater which should not have keys to start with.

i only see the use for a mobile node