Raspberry 3.14159265.... a first review

came accros these @ designspark

With respect to the author's problems getting the GPIO to work, I found it interesting that the Debian image -- developed specifically for the Pi -- still enforces a philosophy that users should not be using the "root" account.

How small does a device need to be before it's socially acceptable to log in with root? :roll_eyes:

How small does a device need to be before it's socially acceptable to log in with root?

if the default (or better max) string size is 5 bytes ? :wink:

Chagrin:
With respect to the author's problems getting the GPIO to work, I found it interesting that the Debian image -- developed specifically for the Pi -- still enforces a philosophy that users should not be using the "root" account.

How small does a device need to be before it's socially acceptable to log in with root? :roll_eyes:

It's got nothing to do with the size of the device and everything to do with basic security. You can give your account sudo rights so you can do what you need to for admin operations, and you avoid giving system access to any of the random apps you run. If you want to take the risk you can still enable the root account.

Any way to connect a touch lcd with it?

There is no onboard A/D so something's are tricky.

Anyway the Pi in the title is only approximate, this is fitting because so is the so called review.

Grumpy_Mike:
There is no onboard A/D so something's are tricky.

Anyway the Pi in the title is only approximate, this is fitting because so is the so called review.

True. Why on earth does the reviewer think that "So the question really is what can you do with a Raspi that you can't get with a old pentium PC running linux?" is actually the question.

He complains that there is no SPI driver yet, so why doesn't he write one? He has hardware, we don't have ours yet.

man..... i want mine....now

:frowning:

Mine arrived last Thursday but only got around to giving it a whirl over the weekend.

My first impressions are favourable :slight_smile:

Getting a SD Card to work with it was the most frustrating part. My advice is to get a good branded, class 4 SD Card say 2G or 4G-byte. In the end I got a Sony SD Card to work with it. Once it boots typing startx will get the GUI running

When did you order that and from who?

I placed orders with both Farnell and RS to make sure I got one :slight_smile:

This one came from RS

dhunt:
It's got nothing to do with the size of the device and everything to do with basic security. You can give your account sudo rights so you can do what you need to for admin operations, and you avoid giving system access to any of the random apps you run. If you want to take the risk you can still enable the root account.

It was really meant as a rhetorical question but I would love to hear your example of how access to root would change the security of a Raspberry Pi.

Chagrin:

dhunt:
It's got nothing to do with the size of the device and everything to do with basic security. You can give your account sudo rights so you can do what you need to for admin operations, and you avoid giving system access to any of the random apps you run. If you want to take the risk you can still enable the root account.

It was really meant as a rhetorical question but I would love to hear your example of how access to root would change the security of a Raspberry Pi.

Sure, here's a good short write up of Linux security recommendations: http://www.linuxtopia.org/Linux_Security_HOWTO/local-security.html. You can find more via google.

The root account is the most dangerous account on the machine, and as such its a juicy target for attacks.

dhunt:

Chagrin:

dhunt:
It's got nothing to do with the size of the device and everything to do with basic security. You can give your account sudo rights so you can do what you need to for admin operations, and you avoid giving system access to any of the random apps you run. If you want to take the risk you can still enable the root account.

It was really meant as a rhetorical question but I would love to hear your example of how access to root would change the security of a Raspberry Pi.

Sure, here's a good short write up of Linux security recommendations: http://www.linuxtopia.org/Linux_Security_HOWTO/local-security.html. You can find more via google.

The root account is the most dangerous account on the machine, and as such its a juicy target for attacks.

That's not an example, although you did describe the root account as a target for attacks so perhaps you could describe just one attack.

I've been using Linux ever since I downloaded the Slackware disks onto floppies so feel free to use big words.

Chagrin:

dhunt:

Chagrin:

dhunt:
It's got nothing to do with the size of the device and everything to do with basic security. You can give your account sudo rights so you can do what you need to for admin operations, and you avoid giving system access to any of the random apps you run. If you want to take the risk you can still enable the root account.

It was really meant as a rhetorical question but I would love to hear your example of how access to root would change the security of a Raspberry Pi.

Sure, here's a good short write up of Linux security recommendations: http://www.linuxtopia.org/Linux_Security_HOWTO/local-security.html. You can find more via google.

The root account is the most dangerous account on the machine, and as such its a juicy target for attacks.

That's not an example, although you did describe the root account as a target for attacks so perhaps you could describe just one attack.

I've been using Linux ever since I downloaded the Slackware disks onto floppies so feel free to use big words.

I'm not sure why you want me to do the googling for you, but try this - it includes big words: Linux malware - Wikipedia.

Chagrin:
That's not an example, although you did describe the root account as a target for attacks so perhaps you could describe just one attack.

I've been using Linux ever since I downloaded the Slackware disks onto floppies so feel free to use big words.

After reading back through the posts to see why you're getting a bit upset, I feel I should reassure you that you are free to do whatever you like.

Its not that likely that you will be tricked into executing a trojan on your Pi with your root account. If you run some network services as root, its probably not that likely that they have buffer overflow bugs, or DOS problems. Even if they do then someone still has to connect and exploit those problems to gain root access to your Pi. Take your chances as you would with any linux system. Since you've been a linux user since the Slackware floppy days, I'm sure you're already familiar with the appropriate security precautions for the way you intend to use and deploy your Pi.

I am going to port windows XP original release to it :astonished:

anyway about the review, I find it to be a bit negative, and would be fair if I didnt feel like the author just kind of half assed it, you dont really plop debian on anything and have it running smooth as butter ... I have had it on my mac for over a year now, and just about every time I end up fiddling with it a little to improve something, or whatever

Where as the author seems to be under the impression that its going to do everything and anything direct off of the disk almost like if it was a console game system (or other electronic appliance)

if you succeed in that port, please do post about it here :slight_smile:

Chagrin:
How small does a device need to be before it's socially acceptable to log in with root? :roll_eyes:

If it supports multiple uids, most people should usually avoid being root.

It's not so much about security (unless it's a Windoze box): it's mainly about the fact that people make mistakes, and not being root frequently makes the difference between "an annoyance" and "a cluster(bleep)".

Not creating backups or failing to store your source code on an off-Pi repository is an entirely different problem than simply using root.

So let's look at how root differs from an unprivileged user. You can access all other users' files on the Pi, but to me that seems like a convenience. If multiple people are non-cooperatively using it and you're concerned about those security implications -- well that would be pretty weird on a $30 piece of hardware, but you've still got your backups. Like the article mentions, there's also the GPIO that a user cannot reach, but how is it any improvement to log in as an unprivileged user, su to root, adjust the permissions on the GPIO devices (which are apparently connected to some type of mission critical peripherals), then drop back to an unprivileged user? It's just a hassle and in the end you've reduced the GPIO security from root level anyway. Your device with a daemon-running-as-unprivileged-user is now no safer than it would be if the daemon was running as root.

Don't get me wrong, I'm not saying that you can't design your device for deployment with carefully restricted GPIO access or configure it to do things like store your collected data in a way that prevents its destruction from a non-root user, I'm simply saying that disallowing direct root login is a level of nannying that makes no sense for a device of this size.