Notifications
Clear all

Security audit?  

  RSS
OroNZ
(@oronz)
New Member
Security audit?

Hi,

My Prusa I3 MK3S+ is on its way 🙂 I'm looking to answer some questions about its use in the workplace, particularly any digital security vulnerabilities. This printer will not be online. the only access this printer will have is through SD card load-ins.

Models are loaded into the printer on SD Cards - that's going to be the easiest point I guess. Steal an SD card and any models on it become vulnerable. Got it.

Firmware update payloads. USB connectivity's in the picture. 

When the Prusa loads a model from the SD Card or USB, is that G-Code payload stored in any kind of onboard RAM buffer for printing? If so, is it possible to retrieve/copy that data to a different storage device?

Any white hats out there have ideas on what to look out for in terms of security holes to address?

-Oro

Opublikowany : 15/04/2021 11:34 pm
bobstro
(@bobstro)
Illustrious Member
RE: Security audit?

Out of the box, the device has no routable connectivity options. To add a network interface or interface via USB, physical proximity is required. To prevent such physical access, secure the device in a locked enclosure, cabinet, rack, room, building, or compound as befits your security concerns. Limit access via key, combination, guards, dogs, sea mammals, or other means. At that point, if someone can physically access the printer, they have access to a hell of a lot more interesting things than a $1,000 printer that they might damage. Your logical perimeter is the device itself. Your physical perimeter is the closest locked barrier.

My notes and disclaimers on 3D printing

and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan

Opublikowany : 16/04/2021 4:06 am
Swiss_Cheese
(@swiss_cheese)
Noble Member
RE: Security audit?

Warning !! This thread will self destruct in 5..4..3..2........

The Filament Whisperer

Opublikowany : 16/04/2021 7:56 am
adesir
(@adesir)
Honorable Member
RE: Security audit?

Hello,

Disabling the USB port would probably address most of the security holes for this printer. 

The MK3s onboard memory is very small, so extracting this data useless. And I think it’s not possible to export data to SD card.

Mes modeles publics
Opublikowany : 16/04/2021 8:50 am
Dan Rogers
(@dan-rogers)
Noble Member
RE: Security audit?

There is no real USB way to load prints without using something like octoprint - which lets you put your printer on Wifi, and uses the storage in your raspberry pi.

If your models are precious, keep them in a safe with a time lock, institute physical access controls (swipe-lock, security guard with visitor log, etc).

Then you can print your star wars helmet and nobody else will know where you got it.

 

Opublikowany : 16/04/2021 8:23 pm
Share: