RE: [discovery] improving the acceptability of the NSD API


> What I was clear about was that if communication was restricted to UPnP
> messaging valid wrt the service description, it would probably be quite hard
> to hack devices.

Restricting to valid UPnP messages is a good step forward but not always sufficient.
Well-crafted but valid UPnP messages sent to some UPnP IGD service implementations can cause security holes.
Additional service-specific checks (nothing impossible actually) would be needed to fix this.

That said, for most NSD envisioned services (media servers/renderers...), this kind of validation probably removes most (you can never say all...) attacks.

FWIW, it is already feasible and relatively simple for browsers or browser extensions to implement those checks at the time an XHR request is sent.
That may be an option for unsafe services that a browser would like to whitelist.

Regards,
 Youenn

Received on Thursday, 10 October 2013 09:39:35 UTC
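
Added example, not part of the original message or of any NSD or browser implementation: a sketch of the check discussed above, run before an XHR control request is sent, which first validates the request against the service description and then applies a service-specific rule for an IGD service. The function names, the shape of the description model, the sample addresses and the rule itself (a port mapping may only point at the requesting host) are assumptions made for illustration.

```javascript
// Added example; function names and the model shape are assumptions, not an NSD or browser API.
const IGD = 'urn:schemas-upnp-org:service:WANIPConnection:1';
// Constructed stand-in for a parsed service description (SCPD):
// action -> ordered "in" arguments, each with a pattern derived from its state-variable type.
const scpd = { AddPortMapping: [
  ['NewRemoteHost', /^[\d.]*$/], ['NewExternalPort', /^\d{1,5}$/],
  ['NewProtocol', /^(TCP|UDP)$/], ['NewInternalPort', /^\d{1,5}$/],
  ['NewInternalClient', /^[\d.]+$/], ['NewEnabled', /^[01]$/],
  ['NewPortMappingDescription', /^[^<>]{0,64}$/], ['NewLeaseDuration', /^\d+$/],
] };
const ARG = /<(\w+)>([^<]*)<\/\1>/g;

// Returns null when the request may be sent, otherwise the reason it is blocked.
function checkControlRequest(serviceType, scpd, soapAction, body, policy = {}) {
  const m = /^"?([^#"]+)#([^"]+)"?$/.exec(soapAction || '');
  if (!m || m[1] !== serviceType) return 'SOAPACTION does not match service type';
  const action = m[2];
  if (!Object.prototype.hasOwnProperty.call(scpd, action)) return 'action not in service description';
  // Assumes the conventional "u:" prefix; a browser would use a namespace-aware XML parser.
  const el = new RegExp(`<u:${action}\\b[^>]*>([\\s\\S]*?)</u:${action}>`).exec(body);
  if (!el) return 'body element does not match SOAPACTION';
  if (el[1].replace(ARG, '').trim()) return 'unparsed content in action element';
  const args = [...el[1].matchAll(ARG)].map(a => [a[1], a[2]]);
  const spec = scpd[action];
  if (args.length !== spec.length) return 'wrong argument count';
  for (let i = 0; i < spec.length; i++) {
    if (args[i][0] !== spec[i][0]) return `unexpected argument ${args[i][0]}`;
    if (!spec[i][1].test(args[i][1])) return `bad value for ${spec[i][0]}`;
  }
  // Service-specific checks run only after the generic description check passes.
  return policy[action] ? policy[action](Object.fromEntries(args)) : null;
}

// Illustrative service-specific rule: only allow mappings that point at the requesting host.
const igdPolicy = localAddr => ({
  AddPortMapping: a => (a.NewInternalClient === localAddr ? null : 'NewInternalClient is not this host'),
});

// Constructed sample request body (addresses and values are made up).
const sampleBody = client =>
  `<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>` +
  `<u:AddPortMapping xmlns:u="${IGD}"><NewRemoteHost></NewRemoteHost>` +
  `<NewExternalPort>8080</NewExternalPort><NewProtocol>TCP</NewProtocol>` +
  `<NewInternalPort>8080</NewInternalPort><NewInternalClient>${client}</NewInternalClient>` +
  `<NewEnabled>1</NewEnabled><NewPortMappingDescription>demo</NewPortMappingDescription>` +
  `<NewLeaseDuration>3600</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>`;
```

The second sample in the test is valid with respect to the description and is stopped only by the service-specific rule.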