GCS: Obfuscate chip serial # in AT results #469
Conversation
|
Reviewed 1 of 1 files at r1. Comments from the review on Reviewable.io |
|
Review status: all files reviewed at latest revision, 1 unresolved discussion. ground/gcs/src/plugins/config/configautotunewidget.cpp, line 510 [r1] (raw file): Comments from the review on Reviewable.io |
|
Also need to do this in usage tracker? https://github.com/d-ronin/dRonin/pull/339/files#diff-b4957b270a3e8e93cfedbf157d26a687R248 |
|
@tracernz added to usage tracker. see also d-ronin/autotown#2 |
|
We should have done this on the autotown side, but since we're coming up to release it seems like this should merge. |
|
Reviewed 1 of 1 files at r1, 1 of 1 files at r2. Comments from the review on Reviewable.io |
GCS: Obfuscate chip serial # in AT results
|
@mlyle I think we should do both, send a hash and don't publicly show the hash in autotown. If the hash is public, it may also be abused to submit bogus results that then get associated with a submission by another user (-> bad user experience). |
Discussed that with @dustin and he thought it would be too difficult to do it there. |
|
Not showing data that got sent is possible, but not sending it is better if On Mon, Jan 18, 2016 at 2:27 PM Michael Corcoran notifications@github.com
|
Use a cryptographic hash to obfuscate the chip serial number in the shared autotune results.
The rationale for doing this is that the serial number may be used for other things, like warranty claims or registering the controller with a manufacturer, so the serial number should be kept private. While this is not 100% secure (it may be possible to guess a valid serial # due to limited entropy), this is IMO better than not obfuscating the number at all.
Compile but not tested. This should go into the Renatus release, otherwise we will not be able to associate boards with each other in the future.