Release notes or changelogs would be very helpful.
Because new users would start with the actual version, do some own installations and setups to their needs - like running TVheadend selfcompiled ...
And there are no real Backup tools yet. So before installing the new version people would avoid that w/o knowing what was improved and have the to do the individual setups again.
A TBS- repository for updating only from i.e. 12.04 V.1 to V.21 would be the best way to serve existing installations also.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Cannot find much of any information on anything. Only that openbricks is being used, but openbricks website is dead in the water as well as openbricks sourceforge project.
I am really wondering why a version of Linux that utilizes a package management system is not being used. There is no reason to have to burn the whole system on every time there is an update. Looking through the code much is old, which brings up security concerns. An update interface could be added to xbmc so people could do updates from there, while using a tbs package repository for those packages that are specific to tbs products.
No documentation telling people to log in via ssh and at least change the password. Had to wait for about 15 mins before changing the passwd took affect. Trying to figure out how they have ssh setup so a private/public key can be used. No useradd command and no wheel group, so forget being able to login as a normal user then become root, disallowing root login which is standard for security reasons.
SSH does not appear to be started by systemd, nor can I find any sshd_config. I just received the unit, and in the first hour, my list of questions and concerns are long. Telnet port is open, telnet is old and considered vulnerable.
I can see some kid buying one, then going back to his/her dorm room, turning it on and running it on the dorm internet. Then some other kid doing an nmap scan seeing its a matrixtv and all the open ports, logging in, and taking complete control of it.
Also brings up, other embedded devices lacking security in homes, that are being used to crack other devices/computers on the home network. I see a big security risk here, and certainly opens them up to litigation.
Quick nmap scan results: Will run a full scan on all ports in the future to see what else is open if any.
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8888/tcp open sun-answerbook
It appears I have one of the new units with dip switch for selecting which device to boot. But unfortunately no documentation, or anything in the forum, posted and waiting.
It all seems rather amateurish.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I fully agree. Exactly this happened to my matrix (HW V1.3) running Ubuntu 12.04 with TV headend running /selfcompiled latest from GIT). Some friendly hacker left a message: ''You are owned'' on the terminal ;-). Now I'm trying to find a way to update the UBOOT to a modern version (installed is a U-Boot 2009.08-dirty (12月 30 2013 - 15:53:39)) which is based on a very old one. At least there should be 2013 versions available. Than update kernel and find own ARM Linux system for it or do crosscompiling to Debian or ARCH.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Release notes or changelogs would be very helpful.
Because new users would start with the actual version, do some own installations and setups to their needs - like running TVheadend selfcompiled ...
And there are no real Backup tools yet. So before installing the new version people would avoid that w/o knowing what was improved and have the to do the individual setups again.
A TBS- repository for updating only from i.e. 12.04 V.1 to V.21 would be the best way to serve existing installations also.
Cannot find much of any information on anything. Only that openbricks is being used, but openbricks website is dead in the water as well as openbricks sourceforge project.
I am really wondering why a version of Linux that utilizes a package management system is not being used. There is no reason to have to burn the whole system on every time there is an update. Looking through the code much is old, which brings up security concerns. An update interface could be added to xbmc so people could do updates from there, while using a tbs package repository for those packages that are specific to tbs products.
No documentation telling people to log in via ssh and at least change the password. Had to wait for about 15 mins before changing the passwd took affect. Trying to figure out how they have ssh setup so a private/public key can be used. No useradd command and no wheel group, so forget being able to login as a normal user then become root, disallowing root login which is standard for security reasons.
SSH does not appear to be started by systemd, nor can I find any sshd_config. I just received the unit, and in the first hour, my list of questions and concerns are long. Telnet port is open, telnet is old and considered vulnerable.
I can see some kid buying one, then going back to his/her dorm room, turning it on and running it on the dorm internet. Then some other kid doing an nmap scan seeing its a matrixtv and all the open ports, logging in, and taking complete control of it.
Also brings up, other embedded devices lacking security in homes, that are being used to crack other devices/computers on the home network. I see a big security risk here, and certainly opens them up to litigation.
Quick nmap scan results: Will run a full scan on all ports in the future to see what else is open if any.
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8888/tcp open sun-answerbook
It appears I have one of the new units with dip switch for selecting which device to boot. But unfortunately no documentation, or anything in the forum, posted and waiting.
It all seems rather amateurish.
I fully agree. Exactly this happened to my matrix (HW V1.3) running Ubuntu 12.04 with TV headend running /selfcompiled latest from GIT). Some friendly hacker left a message: ''You are owned'' on the terminal ;-). Now I'm trying to find a way to update the UBOOT to a modern version (installed is a U-Boot 2009.08-dirty (12月 30 2013 - 15:53:39)) which is based on a very old one. At least there should be 2013 versions available. Than update kernel and find own ARM Linux system for it or do crosscompiling to Debian or ARCH.