I would like to construct some temperature probes for a project using Arduini Wifi Rev2's.
I have the basic code working and I am pleased with the results so far.
The Adruinos are sending tiny payloads to a cloud server using simple POST/GET type of commands.
My question is this: If I am putting the device into "client mode" is there any possibility of someone being able to probe the device in a nefarious manner. There should really be no ports listening right? I certainly have not defined anything in code but I really don't know what is going on behind the scenes, in the WiFiNINA Library.
I saw a WifiNINA derivative library that claims one could upload sketches via WiFi. That is scary, especially for someone who wants to deploy this Arduino project on a corporate LAN. I would hate for someone to try an take over a device and weaponize it. I can see this happening with a poorly configured Raspberry Pi because of the nature of the operating system. Are there best practices and is this even a concern?
A properly configured WiFi client connected to a WiFi router properly configured can only be probed from the outside if there are open ports in the firewall.
However, WiFi signals can be at risk from anywhere within the range of the signal:
I am not worried about the wifi payload.
And the Arduinos will be on a designated Wifi SSID and VLAN.
I could care less about the data. There is nothing private about it.
What I am concerned about is the ability to somehow pirate an Arduino and make it do something other than what it was programmed to do (ie upload a new sketch) without physically connecting to it.
Which is why I referred to the WiFiNINA (some custom derivative) library that can accept new sketches via wifi. In my particular application this is a big no-no.
Unless the base hardware has the ability to self-update wirelessly, you should be "safe" as WiFi flashing is software enabled:
WiFiNINA
Communication
Enables network connection (local and Internet) with the Arduino MKR WiFi 1010, Arduino MKR VIDOR 4000, Arduino UNO WiFi Rev.2 and Nano 33 IoT.
With this library you can instantiate Servers, Clients and send/receive UDP packets through WiFi. The board can connect either to open or encrypted networks (WEP, WPA). The IP address can be assigned statically or through a DHCP. The library can also manage DNS.
If this is "commercial" you may need a letter or app. note stating the hardware is not capable of wireless updating.
Arduino library to upload sketch over network to supported Arduino board
This library allows you to update sketches on your board over WiFi or Ethernet.
The library is a modification of the Arduino WiFi101OTA library.
This may not apply to the Arduino Wifi Rev 2 but since I cannot really understand what goes on inside the basic WifiNINA library how would I know if there is OTA capability somehow built in or sitting dormant. Or maybe my code could leave something open because I missed turning off a bit somewhere in setup. If so I would want to disable that capability. From where I sit I don't think it is possible to do OTA uploads with the standard libraries. Since the library is abstract to me, I am just making an effort to lean on someone else for validation it is generally safe as long as you dont venture off into the woods with your code.
I treat such IoT devices with extreme suspicion. I put them in a guest network (special VLAN), don't allow them to talk to each other and allow only very limited Internet access, usually NTP and a restricted server list. That even is not foolproof (see later)
Sometimes the full source code of the software development kit is not published so it is not clear what it is doing. Even if the manufacturer has no ill intent, poor code could lead to exploits. Malware would not have replace an entire application as in the case of say an over-the-air update, it could simply supplement part of say the IP stack.
A rogue IoT device could do all sorts of things. The obvious one is publishing your WLAN credentials, or otherwise providing an entry point into the network, but it could attempt more subtle things like spoofing your WLAN and attacking other devices. It could download malware which could then attack a PC it is later connected to over USB using say the HID interface directly (emulating a keyboard and trying to type into a command window) or exploiting weaknesses in the USB/UART chip and/or its drivers.
Restricting Internet access may not be so easy because rogue devices could form a radio link to other devices in a less protected network to collect the latest exploits. Some standard Internet resources, say specially configured NTP servers in a pool, could be used to feed such devices.
Having said all that, someone intending to attack a specific network may find easier ways.